Security services vendor, Context Information Security, has identified security failings in three of the most popular tablets, raising concerns for organisations looking to introduce BYOD.
The company investigated a number of security controls to determine whether they were suitable for enterprise use. These included data protection, software integrity and updates, access control, security configuration profiles and connectivity, along with backup and synchronisation.
Context found that while all three tablets have reasonably good support for Exchange ActiveSync, (which means that the core security configurations can be managed from a central Exchange server), there are significant differences in security levels between the Galaxy tablet and the iPad and PlayBook.
According to the company, the iPad, Samsung Galaxy Tab and BlackBerry PlayBook were put under the security spotlight.
“It is difficult to ignore the growing presence of tablet computers in the home and workplace offering a blend of productivity, connectivity and physical freedom which has never been achieved before,” Context principal consultant, Jonathan Roach, said.
It said the Samsung Galaxy Tab was found to have serious weaknesses that make it difficult to recommend for use within the enterprise space.
The Samsung Tablet was found to not ship with a locked bootloader and Context said the disk encryption provided weaker support.Even when encryption was enabled on the Galaxy, it allowed badly-written apps to store sensitive information on the unencrypted SD card, the company said.
It added that a lack of enterprise-level management tools beyond ActiveSync also meant that it is very difficult to manage more than a small number of Galaxy Tabs in an enterprise environment While the iPad and Blackberry PlayBook were reported to perform better, both still have security problems including desktop software that do not encrypt backups by default, context said.
Despite its popularity as a consumer device, the iPad was shown to have robust data protection and damage limitation facilities. However, vulnerabilities included the regularity of new jailbreak attacks and ineffective disk encryption, unless a strong passcode policy was applied.
The BlackBerry was the only device that Context found to have a workable solution to BYOD and provide good separation between personal and work data.
It stated that its Balance architecture in combination with the Bridge application, provide excellent logical and data separation between work and personal modes.
“Context’s research suggests that most tablet manufacturers still have a way to go before their products can deliver the high levels of security required for use in most corporate enterprises,” Roach added.