A new white paper from Context Information Security reveals that most tablets going into enterprise are vulnerable when it comes to security, raising concerns for those adopting bring-your-own device (BYOD) schemes.
The firm’s ‘Tablets in the Enterprise – A Hard Pill to Swallow’ whitepaper claims that Apple’s iPad and RIM’s PlayBook are the most secure tablets and asserts that the PlayBook’s ability to effectively separate personal and work makes it the most workable solution for BYOD.
The report was less enthusiastic about the prospects of Samsung’s Galaxy Tab, however. Chosen because it was a 'good representative' of other Android tablets, Context says that the tablet has some ‘serious security failings’ and therefore cannot recommend the slate for enterprise users.
Context says that all three tablets (a WiFi-only iPad 2; a PlayBook; a WiFi-only Samsung Galaxy 7.0 Plus) offered relatively good support for Exchange ActiveSync, which allows core security features to be managed by a central Exchange server, but saw significant differences in overall security between the Galaxy and the iPad and PlayBook.
Looking at tablets in reference to data protection, software integrity and updates, access control and security configuration profiles, as well as backup and synchronization, the researcher says that both the iPad and BlackBerry offer robust data protection and 'damage limitation facilities'.
That said, the firm reveals that the iPad (running iOS 5) is vulnerable to new jailbreaks and offers ineffective disk encryption, with iTunes commonly saving back-up files in clear text.
Context was even more damming when it came to the Samsung model, claiming that it does not ship with a locked bootloader and that the disk encryption is weak and intrusive to use. Even when encryption is enabled, badly-written apps could still store sensitive data on the unencrypted SD card, reveals the report.
Furthermore, Context adds that a lack of basic enterprise-level management tools means only a handful of Galaxy Tabs can be managed at one time, a problem which the firm also encountered with Apple's iPad.
"It is difficult to ignore the growing presence of tablet computers in the home and workplace offering a blend of productivity, connectivity and physical freedom which has never been achieved before," says Jonathan Roach, principal consultant at Context and author of the report.
"The device format is perfect for social networking and creating and sharing documents, presentations and other content on-the-fly, but the same characteristics also present tough security challenges for organisations.
"Our research suggests that most tablet manufacturers still have a way to go before their products can deliver the high levels of security required for use in most corporate enterprises.”