Kindle Fire Sparks Enterprise IT Fears
New browser, Silk, and Amazon's cloud at the heart of IT security concerns.
Brace yourself: the Kindle Fire tablet from Amazon is coming at you -- November 15 according Amazon's pre-order page -- and enterprise IT absolutely needs to be ready.
"You need to define a company policy regard Kindle Fire ... now," said Brian Reed, CMO at mobility management company BoxTone. "This will be a substantially modified Android tablet that you need to be prepared for."
Say that again and louder: Pre-order sales for Kindle Fire, according to leaked reports, are brisk, with some 250,000 units sold in the first five days. Many experts are predicting the Kindle Fire (priced at $199) will be the holiday season's must buy gadget, and a certain upshot is that hundreds of thousands (maybe millions?) will be cascading into enterprise, demanding access to the network and to enterprise data.
Should they get it?
For starters, advice from experts is to prepare networking monitoring systems to spot activity from Kindle Fire so that when the avalanche comes you will be prepared.
"Enterprises need to accept that their employees will bring Kindle Fires to the workplace and access them on corporate networks. Denying this won't prevent employees from accessing the network ... You can use measures like a log management solution to track the activity of all devices on their network. So when those Kindle Fires are brought to work, you'll know exactly what they're being used to access," said Bill Roth, CMO at Log Logic, a compliance and network traffic management company.
On the one hand, say the experts, Kindle Fire will be much like any other Android tablet, with the same security pluses and minuses. It apparently will run on Android 2.3, a mature version of the OS.
That's not the problem area.
What is? That Kindle Fire will require users to access the Web via a new browser -- Silk -- that revolves around content caching and predictive content to make browsing more efficient. The downside: Amazon will know every online step taken by every user.
"Security considerations for the Kindle Fire are still emerging, but one big set of questions is around the Silk browser," said Kurt Roemer, chief security strategist at Citrix Systems. He added that he is surprised that Amazon decided to spurn established Android browsers such as Chrome or Opera. "Obviously they felt a need to do this, but this also is putting Amazon in the security business."
The key Silk question is if this is a tradeoff between privacy and efficiency, and can enterprise IT safely and securely sign off on that trade?
Any new browser triggers security concerns and one that with its own data handling techniques creates still more concern. That is why, right now, this particular jury is out but know that in assessments of Kindle Fire's suitability for enterprise, Silk will get much of the focus.
Amazon cloud fears
Kindle Fire also has built in access to Amazon's cloud for storage of big files (Amazon's marketing literature points to movies and songs as belonging in the cloud). Cautionary advice from enterprise IT pros is to turn off cloud storage for any company files and data. The obvious risk is that when stored in Amazon's cloud, it is Amazon that has to do the protecting of data and, for some companies, that is not good enough.
Amid all the negatives about Kindle Fire, however, there is one potentially huge and game changing positive: It will allow downloads of apps only from the Amazon Android Apps storefront, not from the Android Marketplace and not from the hundreds of other ad hoc Android storefronts scattered over the Internet. "This is a fascinating development," said Reed. "Amazon appears to be creating a curated environments similar to Apple's Apps store. This could win support from enterprise IT."
How many apps are in Amazon's Android Apps store? The company has not said but app writers will have noticed the huge Kindle Fire sales volumes and can be counted on to begin uploading their wares for review by Amazon. The number of apps is not likely to remain an issue.
A downside may be that enterprise will not be able to directly serve apps to the Kindle Fire as it can to any other Android device, but the benefit will be eliminating worries about the unmonitored, rogue Android apps stores that are the primary sources of malware on the devices. Force all downloads to go through Amazon ( a la Apple's playbook) and it is a huge step towards a more secure Android.
Bottom line? Like it or not, Kindle Fire will be knocking on your network's door within six weeks, maybe sooner. "You need a policy," said Reed. And you need it now.
As a busy freelance writer for more than 30 years, Rob McGarvey has written over 1500 articles for many of the nation's leading publications -- from Reader's Digest to Playboy and from the NY Times to Harvard Business Review. McGarvey covers CEOs, business, high tech, human resources, real estate, and the energy sector. A particular specialty is advertorial sections for many top outlets including the New York Times, Crain's New York, and Fortune Magazine.
October 19, 2011
Because the browser encrypts all traffic between users and Web sites, the company says it can help to improve security when being used on unprotected Wi-Fi networks.