The breathless response to the new iPad Air suggests that the latest generation of Apple’s tablet is poised to send hordes of corporate laptops out to pasture. Phrases like “laptop killer” and “desktop powerful” are being tossed around as liberally as tweets about the latest episode of Homeland.
Whether or not that is hyperbole remains to be seen, but corporate iPad management seems destined to loom large as an IT issue.
Security, of course, is a top concern. A one-pound device that is thinner than a legal pad can disappear faster than you can say “A7 chip.” Even with new iOS 7 security features like per-app VPN and enterprise single sign-on, data protection needs to be high on the IT agenda. Other issues like controlling what apps users can access when they’re on company premises must be addressed as well.
The best strategy is to have iPad management processes and security policies in place before the tablet tsunami hits. What should be on your list? Here are five places to start.
1. Set up corporate security profiles for user groups
User access control policies and settings should be centrally configured to ensure that iPad users have secure access to the corporate network. Profiles should cover areas such as the following for groups of users.
- Business app access control
- Passcode, encryption and single sign-on policies
- App blacklist/whitelist policies
- VPN, WiFi access and Email settings
2. Control app access by location
Most iPads used for business will be employee owned, so it is not possible to control users’ app habits when they are away from the office. But a company can prevent employees from using unwanted apps on its premises. Combining blacklisting and geofencing will do the trick. Simply block apps within specific work location boundaries for blacklisted categories such as gaming, movie or TV streaming services. The apps will be automatically reactivated when employee leaves the geofenced work locations.
3. Containerize corporate information
All documents and other content pushed to iPads used for business should be wrapped in a password-protected secure container and automatically removed when the user exits the application. This not only helps thwart data thieves, but also segregates personal files in the event that an admin must wipe business data when an iPad is lost, stolen or belongs to an employee who is leaving the company.
4. Use encryption
iPads should be encrypted to prevent access to corporate data in the event of device theft or loss. When individual users select a device passcode, the content on the iPad is automatically encrypted. The content on the device is automatically decrypted once the user is authenticated. By centrally enforcing passcode policies, organizations can better protect the content on iPads used in the work place.
5. Enable selective remote wiping
iPads can be remotely located, locked and erased using the Find My iPhone app for iPad. But using the “Erase” feature of this app deletes all data on the device, both business and personal. Having a way to limit wipes to stored or cached business information will help save personal photos, apps and other personal digital effects and a lot of headaches for your company.
The easiest path to these iPad management capabilities and many more is to adopt a cloud-based mobile device management (MDM) solution that supports iOS7 on iPad Air. Remember: the iPads are coming. Get ready for the onslaught sooner rather than later.