Apple introduced their iPad 2 yesterday during a product launch at their Cupertino, CA headquarters. The device appears to be significantly improved in many ways: faster processor, more ram, slimmer, sleeker and at the same starting price of $499. Apple stated that they are poised to make a deeper push into corporate America. As mobile devices continue to penetrate deeper into corporate networks, security professionals such as myself are faced with challenges of securing such devices. What do you do when a user comes to you and says can I use my iPad on your network? You are faced with a decision on security:
* What type of policy does your company have for such requests?
* What type of risks would the company face for allowing the user to use their non-company provisioned device on your network?
* If you were to not allow the user to use the device, what measures do you have in place to actually enforce your decision?
* If you were to allow the user to access the network, do you have software that they must install so you can monitor their device?
Companies such as Mobile Iron offer solutions to allow corporations to secure non company provisioned devices.
These are just a few questions that security professionals must consider when faced with such a security decision.