Professional Documents
Culture Documents
ECSC - UNRESTRICTED
Uncontrolled Applications
Microsoft Internet Explorer security policies are not applied to the iPad.
Passwords
iPads do not allow for password based device locking, or provide password complexity options by default. Even with a password, an iPad can give extended access times before requesting a login.
Auto-lock
External Storage
Although the iPad doesnt support USB sticks, users may be using insecure on-line cloud services. Currently, these can only be applied if the iPad is connected to a PC or Apple computer.
With the arrival of iOS5, iPad users are expected to be able to perform over the air iOS updates, and backup their device to Apples iCloud service, which should be available in the Autumn. We expect future MDM solutions to offer backup to the corporate network. Configure iPads to use an always on VPN, to force all traffic leaving the device to be securely encrypted and sent to your corporate network, allowing for network access controls to be applied by your existing firewall.
Wireless
The iPad is dependent upon wireless technologies with no MDM options to restrict.
And finally, recent high-profile attacks against security vendors remind us that MDM providers may themselves be the target of future attacks. This should be factored into your continued risk assessment and remediation efforts.
ECSC Ltd 1 Valley Court Bradford West Yorkshire BD1 4SP Tel: +44 (0)1274 736223 Web: www.ecsc.co.uk Email: info@ecsc.co.uk
Reg No. 3964848, VAT No. 746361914 Copyright ECSC Ltd 2011
Security Management Briefings are published on a general basis for information only and no liability is accepted for errors of fact or opinion that it may contain. Professional advice should always be obtained before applying the information to any particular circumstances. ECSC Ltd cannot accept any liability for any action taken or not taken on the basis the content of Security Management Briefings.