Guide to iPad Security in the Enterprise: Page 2
While iPads and other tablets offer the promise of major productivity gains in the enterprise, they can also introduce some pretty big security issues. Here's how to tackle those challenges.
Right Amount of Control
In choosing an MDM provider, Ahlm says, consider how much control you really need.
“Do you need a heavy or feature-rich mobile device management software? Maybe so, if you own the device and you have high security requirements,” he says. “If you’re somewhere in the middle, if you have a flexible mobile device policy, maybe a lightweight MDM … might be a good model. On the other end of the spectrum, if it’s a totally-your-own-device model, I’m probably going to be looking less at MDM functionality. Maybe I don’t have any MDM functionality at all; maybe I’m just wrapping my apps.”
One company that’s keeping things simple from that perspective is the GoodLife Team. Krisstina Wise, founder and CEO of the Austin, Texas-based real estate firm, says she realized soon after she first bought an iPad that it could be a perfect solution for real estate agents in the field. “We’re very mobile, and iPad made my job easier,” she says. “It enabled me to transact without having to go back to the office, and it enabled me to do my job better because it enabled me to be paperless.”
Wise soon required her entire sales team (approximately 15 people) to purchase their own iPads for use at the firm. While she faced some initial resistance to the idea, she says it’s had an enormously positive impact on the firm as a whole. “It’s enabled them to provide a better experience with their clients, and to do their job better … and now we’re even teaching other agents across the country how to do what we do as well,” she says.
Because the firm’s real estate agents are all independent contractors and have purchased their own iPads, Wise says there hasn’t been a need for a mobile device management solution. Instead, they simply use apps like Evernote and Cartavi to record and securely share key data. “They have all sorts of security protocols in place … So my advice would be to make sure to work with the companies or apps that are very obvious about wanting to keep the data protected,” she says.
Lessons from a Larger iPad Deployment
For larger enterprises, though, that level of simplicity likely won't be enough. Security company ADT currently has more than 4,500 sales reps using iPads. Company vice president Joseph O’Connell says the device is a great solution, both for supporting CRM functionality and for allowing sales reps to demonstrate the functionality of the company’s ADT Pulse offering.
O’Connell says the company is actively working to increase the number of ways its salespeople can leverage the devices, with plans to add electronic order entry and scheduling, among other capabilities. “We would like to take this thing from soup to nuts – from the lead coming in over the phone, to the appointment being set, to the sales rep running the appointment, the presentation, the pricing piece, the order entry piece, the install scheduling. That’s our vision, to get it all the way through.”
Still, Natalie MacDonald, information technology director at ADT, says the company’s iPad deployment immediately presented several basic challenges for IT. “It’s a very attractive device, so we knew they were going to be potentially high-theft items,” she says. “We want to make sure our sales team members are treating the devices with care.”
MacDonald says several back-end processes had to be developed from scratch as well. “We had to manage the whole logistics of purchasing, of dispensing, of returning. We had to build a whole logistical process around the iPads, where we never had one … Instead of someone sitting in an office and waiting for days, we wanted to make sure it was very efficient to have them in stock, to be able to wipe them like you would a PC, and re-issue them and ship them to people that are out in the field,” she says.
The company worked with Dell to manage logistics for its sales force. “They built a whole depot to bring in these devices and manage the asset in our systems for us – and do the shipping, do the refurbishment, and send out to an external third party for repairs … That was all set up and facilitated by internal resources but with Dell as our partner, as an extension of our regular helpdesk,” MacDonald explains.
Finding the Right MDM Fit
After evaluating several mobile device management solutions for the iPad, MacDonald says, ADT settled on MobileIron. “It allows us to do some nice things, like create a catalog of recommended and controlled apps,” she says. “We do it at that level, and then we blacklist some apps we don’t want them to have. As opposed to saying, ‘These are the only apps you can download,’ we tried to keep it really open, because it’s more empowering from that perspective. … That’s fostered a lot of innovation and collaboration as reps find new apps and learn from each other.”
In selecting an MDM provider, MacDonald suggests, the key is finding a company whose strengths match your needs. “Not everyone has all the tools. … We were working with another provider, and they just didn’t have the email capabilities to connect with our corporate email environment, which we needed at the time,” she says. “They were developing them, but MobileIron already had them … It’s a give-and-take, and they’re all catching up. That’s just the immaturity of the market and the device itself.”
With physical security, MacDonald says ADT is ultimately more concerned about protecting any data on the iPads than preventing loss or theft of the devices themselves. “As soon as something’s reported, we wipe it. We’d rather lose the asset than lose the data and lose any intellectual property on it,” she says. “We have started to look at processes to make people more accountable to the loss, especially if we think the loss is an employee theft or something like that … We’re starting to put some responsibility there.”
Breakage and other damage has proven to be a far greater concern than theft or loss, MacDonald says. “We decided to go with more of a professional look than a rugged look on the iPad, so we didn’t do Otterbox-like covers. We did more of a professional, branded look. While it does protect them to a point, we’re learning as we go that we have to continually infuse responsibility, that even though this is a corporate-provided device, that you have to have some accountability to take care of it,” she says.
Learning from Others
“A lot of what we have to do is develop processes around instructing people and a whole way to communicate with the field to make sure things are happening,” MacDonald says. “We can monitor things and see where things are at with our MDM tool, but we can’t push updates. And the devices are not multi-user devices, so when a rep goes away, we have to wipe the thing and start over. We can’t just create a new profile on that device.”
Any company considering a similar iPad deployment, MacDonald suggests, should take the time to meet with others who have done it before. “We thought we knew what we were doing, but we certainly learned a lot just by default. I’ve been able to share that within our own company to some other business units … I would work with others that are similar to what you’re trying to do, to understand the pitfalls of what they ran into,” she says.
It’s also crucial, MacDonald says, to anticipate speedy changes, both in the devices themselves and in the management tools for those devices.
“We tend in IT to think of our investments as being 10-year investments in a technology -– and we’re seeing things with mobile tools and mobile applications that didn’t even exist two years ago,” she says. “We have to get out of the mindset that things are going to last 10 years. In two years, you might be doing something completely different … So try to stay really agile, learn from others, and evaluate your selection based on what you have to have.”
Jeff Goldman is a freelance journalist based in Los Angeles. He can be reached at email@example.com.
Photo of businessman with tablet from Shutterstock.