The launch of the Apple iPad was one of the most significant of 2010, yet for IT departments it is one more mobile device to manage. Ian Aitchison, technology director at LANDesk, looks at the challenge and how more applications and devices on the network can create more risk of threats.
Apple recently announced that it has sold more than 7.5 million iPads during its 2010 fiscal year, helping achieve a quarterly profit of $4.31 billion compared to $2.53 billion for the same period last year. With analysts predicting iPad sales to reach 21 million in 2011, there is no doubt that devices such as the iPad, iPhone, Android phones, Blackberry and other 3G devices have revolutionised the way we communicate not only at home but also in our working life.
More and more people use their personal devices for work matters and vice-versa, but what challenges does this present to the IT department? Research conducted by LANDesk Software shows that IT departments are facing a daunting battle to regain control of the way they enforce policy and practice within their organisations. More than half (61 per cent) of IT decision makers in the UK see the security threat of staff use of social media as their biggest concern.
Social media not only clogs up bandwidth, but also exposes corporate networks to significant security risks like inbound security threats and data leakage. Many of these networks have third party applications allowing the unauthorised collection and distribution of personal information which in itself is dangerous, even worse is how dangerous they are for corporate networks that contain a great deal of sensitive business information.
Apple iPads, Android phones, tablets and other similar devices open the door to increased and easier access to the internet and the ever expanding suite of applications that are downloaded to them. This increases the risk of viruses onto the network.
Today more end-users than ever are able to easily download software and manage the way they use IT. As a result, many employees see themselves as their ‘own IT manager', which has the potential to cause a number of problems for organisations. As applications evolve, end-users increasingly download new software add-ons which can expose businesses to new and additional security threats.
The more applications and devices on the network, the more risk of threats. Despite the fact that the majority of firms have strict policies around the use of social media (73 per cent) and internet downloads (89 per cent) in place, the study showed that one in three were unsure that these were being adhered to.
Indeed, 55 per cent of employees surveyed admitted to downloading software from the internet to a corporate network. Almost half (48 per cent) of those downloads were found to be non-work related, leading to a quarter of employees needing to contact IT helpdesks to fix resulting problems often wasting valuable time and resources.
Furthermore, the study found that 58 per cent of staff admitted to posting company information on social media platforms, creating additional security challenges through the potential loss or leak of sensitive information. Personal devices like the iPad lead to increased web access and decreased IT control with more people able to access corporate data and transfer or even delete important documents.
According to Apple, iPad users downloaded over one million apps and 250,000 ebooks during the first day of its sales, a rate that shows no signs of slowing in the coming months. This is an issue that is clearly here to stay, there is no question that as technology continues to evolve, IT departments will find themselves fighting more fires, resulting in greater resourcing and financial pressures.
Top 10 Tips for securing your network against iPads and other 3G devices
1) Ensure that a robust and precise IT policy is in place that clearly outlines the accepted use of iPads within the business network. This should be clearly communicated with staff and a close alignment with the HR department is recommended
2) Encrypt email sessions, which can be done via Microsoft's ActiveSync to discover all devices that connect to your network.
3) Lock them with a strong passcode.
4) Lock them automatically when they have been idle for set period.
5) Wipe them clean if they are lost or stolen using your remote systems management tools
6) Wipe them after a set number of failed logins.
7) Sign configuration profiles and protect them with passwords to avoid tampering.
8) Provide easy routes for employees to report lost or stolen iPads.
9) Automate wiping. Enable ‘lost my iPad' support processes raised by the device owners through support interfaces to perform a wipe automatically at any time.
10) Ensure iPads are known and managed through your systems management system alongside all other IT-managed devices such as desktop computers, laptops and mobile phones.