Security for corporate-owned iPads is a hot topic right now for many organizations. It can draw fire from all sides, especially if it’s a new mobility initiative and security is a concern. Yaacov Cohen, co-founder and CEO of Harmon.ie, turned me onto the concept of the data less iPad for corporate iPad security. It’s a secure — albeit draconian — method for locking down your corporate iPads. With this approach, no data or corporate information actually resides on the iPad.
Here are some tips about how you can implement a data less iPad for your organization:
Conduct training and set usage policies upfront: The introduction of the corporate iPad is going to attract a certain amount of internal buzz, no doubt, so security training and policies are a must, especially if you decide on the data less iPad approach. The training should cover security, access, and modifying corporate data from the device, plus a sign off that the user agrees to the security policies.
Review documents for mobility: Mobility initiatives can raise new concerns about document access and management. Taking the data less iPad approach restricts document access and editing to a SharePoint site or the cloud. For most organizations, to get to that point requires a thorough audit of all the documents mobile users may need to access so that the latest version is available on your SharePoint team sites or cloud storage. The days of employee personal document stashes on local hard drives, devices, or even personal cloud storage have to end for this approach to work.
Audit your current mobile to SharePoint site access: With SharePoint client apps for the iPad, such as harmon.ie: SharePoint Mobile Client and the others I covered in “Top iPad apps for accessing SharePoint,” there are a number of secure iPad-to-SharePoint access options. Look for a SharePoint client app that lets you keep your data in the cloud, not the local device.
Revisit SharePoint site security: If you’re going the data less iPad route for security, then Cohen recommends opening up your SharePoint site to the outside world using HTTPS or forms-based authentication.
Use Office Web Apps not iPad Office apps: There are some very capable native iOS Office apps, such as QuickOffice pro HD, iWork, and Documents To Go Premium, but taking the data less iPad route means resorting to Office Web Apps for your mobile users to access documents. Office Web Apps ships with Microsoft SharePoint 2010 and 2013, so even if your organization doesn’t currently use it, the option is in house and available for your data less iPad effort.
There are some downsides with using Office Web Apps on an iPad, specifically with performance and user experience. After all, it is a cut down version of the desktop Office suite. Figure A shows how the Word 2013 Web App appears on an iPad.
Word 2013 Web App preview as seen on an iPad.
Use enterprise-level iPad security features: If just keeping documents off your corporate iPads isn’t enough to quell your security fears, then it’s time to look at other measures for locking down corporate iPad access. This takes the initial concept of the data less iPad up a notch. Mobile Device Management (MDM) solutions such as Zenprise MobileManager, AirWatch Mobile Device Management, and Boxtone allow you to set polices and other measures to lock down your corporate iPads. You can also use the Guided access feature in the upcoming iOS 6 for locking down the iPad and other iOS devices.
Data less iPads without SharePoint
While SharePoint is a common platform for corporate document management and collaboration, not everybody lives in a SharePoint world. You can take the data less iPad principles forward even if you aren’t a SharePoint shop. In fact, the Office Web Apps option in the previous section is also available if you access Microsoft SkyDrive through your iPad’s browser.
The Google mobile client might be an option if your organization uses Google Apps for Business. Google Docs access is available under Applications. It’s a scaled down version of the full Google Docs experience, but when writing this post, the performance was remarkably better than Office 2013 Web Apps when running on Wi-Fi on my iPad.
Another interesting option for keeping your documents in the cloud is CloudOn, a mobile workspace that sports the full Microsoft Office suite. It supports access to the documents that reside in your Box, Dropbox, or Google Drive accounts. Figure B shows Microsoft Word 2010 open in the CloudOn virtual workspace:
CloudOn includes a full version of Microsoft Office in a virtual workspace.
While the data less iPad may not jive with Bring Your Own Device (BYOD) iPads, you can keep corporate data off those iPads by using a subscription-based Desktop as a Service (DaaS) solution, such as a Citrix or Desktone client app, connecting with a cloud hosting provider holding a virtual desktop with Microsoft Office. Such a virtual desktop could then connect to your enterprise network to access documents without a document ever having to reside locally on the iPad. DaaS is also an option for accessing internal SharePoint sites.
Lock it down with the data less iPad
The data less iPad is just one of the corporate iPad security methods out there. While it airs more on the draconian side, even as a pilot test, the security measures it espouses can help highlight what needs to be done to secure access to your corporate documents from an iPad.