When you're looking into tablets for work, be sure to consider features that help to keep your data safe and secure--it's an especially important factor since tablets are mobile devices and likely to be carried out of the office. Many tablets today do come with built-in hardware and software features for enhanced encryption, password protection, secure VPN (virtual private network) connections, and more. A combination of hardware and software tools can give you more peace of mind when you're carrying your important work files out in the field.
Microsoft announced on Wednesday the consumer preview of Windows 8, and made it available for download. Several new boot features, such as Trusted Boot, Secure Boot, and Measure Boot, should prevent malware from hijacking the boot process, and can use the TPM (Trusted Platform Module) chip to ensure a computer's integrity. Performance improvements in BitLocker make hard-drive encryption faster, lessening the impact on productivity. And SmartScreen services make browsing the Web safer by protecting you from phishing and socially engineered malware attacks. You can check out some of these features for yourself by downloading and installing the consumer preview on a current Windows 7 tablet.
Even though Apple markets the iPad primarily at consumers, the tablet comes with a decent set of built-in security features. Tools to help users set up an iPad in a secure business environment include Microsoft Exchange ActiveSync integration (to push policies to a fleet of devices), VPN server configuration, over-the-air profile delivery and configuration, and mobile device management, such as remotely wiping or locking a device.
The iPad also uses 256-bit AES hardware encryption to protect all the data on the device. You can encrypt data backups made in iTunes as well.
Apple's page of resources offers more details on available management tools.
With so many Android tablets on the market, it can be difficult to keep track of which device does what. Upgrades to the newest version, Ice Cream Sandwich (Android 4.0), are beginning to roll out to current tablets, and some new tablets run ICS, but most Android tablets you can buy today still run Honeycomb. The good news is that Honeycomb already has some good security features built in.
Policy management allows developers of device administration applications to support new types of policies, such as encrypted storage, password expiration, and requirements for complex characters in passwords. Users can configure an HTTP proxy for each Wi-Fi access point, with a proxy hostname, port, and any bypass subdomains.
Lenovo ThinkPad Tablet
In addition to the software features baked into the Android OS, some manufacturers are producing tablets with a specific focus on business users. Lenovo's ThinkPad line has always been business-oriented, and the ThinkPad Tablet with Android is no exception. Features include full device and SD Card encryption, port blockers, and secure email access.
The tablet also comes with Computrace, which lets you freeze the device, delete data, and perform other remote security and management functions in case it's lost or stolen. Bundled as well is McAfee Mobile Security, a suite of security software that includes Virus Scan Mobile, McAfee WaveSecure, and McAfee SiteAdvisor for Android.
An upgrade to Android Ice Cream Sandwich is on the way, bringing more security features.
Motorola Droid Xyboard 10.1
Motorola's Droid Xyboard 10.1 comes with Motorola's "Business Ready" designation. That means the device is built to work with your corporate network and uphold your IT department's security policies.
Security features include password protection and recovery, government-grade device encryption, remote wiping of devices, IPsec VPN, and Enterprise Device Management and Control.
Samsung Galaxy Note
The 5.3-inch Galaxy Note may stretch the definition of a tablet, but Samsung has included several security features that make it suitable for holding sensitive business data. Hardware encryption via Samsung On Device Encryption covers all data, such as contact names and numbers, email messages, and email attachments. Mobile device management allows users to access enterprise assets securely. The Galaxy Note also supports a variety of VPN options, including Cisco AnyConnect, Juniper Junos Pulse, F5 Networks, and BIG-IP Edge Gateway.
An Ice Cream Sandwich upgrade is "coming soon" for the Galaxy Note.
Samsung Galaxy Note 10.1
Other Samsung tablets, including the Galaxy Tab 10.1, have recently received FIPS certification. FIPS certification indicates that a tablet meets strict security and interoperability standards, qualifying it for use in government and by private industries that collect and transmit Sensitive But Unclassified (SBU) information.
In addition, Samsung has announced a larger version of the Galaxy Note, the Note 10.1, which will come with Samsung-Approved for Enterprise (SAFE) certification as well. Security features will include Exchange ActiveSync support, On-Device Encryption, Cisco VPN, and Juniper Junos Pulse VPN.
Ice Cream Sandwich Advanced Security Features
The latest version of Android, Ice Cream Sandwich, hides many new security features under its shiny exterior. The native email app supports EAS v14 and EAS certificate authentication, provides Allow/Block/Quarantine (ABQ) strings for device type and mode, and allows the disabling of automatic sync during roaming. Face Unlock turns your own face into your password to unlock the device.
The mobile OS has many new features for developers to secure their applications too. Apps can store and retrieve private keys and their corresponding certificate chains for better credentials management via a new keychain API and encrypted storage.
A built-in VPN client provides access to L2TP and IPSec protocols. Additionally, a new VPN API and secure credential storage give applications access to configure addresses and routing rules, process outgoing and incoming packets, and establish secure tunnels to a remote server.
RIM has long been a leader in providing secure smartphone access to business email. When the PlayBook first came out, email access still passed through a BlackBerry smartphone, maintaining the security that BlackBerry users are accustomed to. With the new 2.0 OS update, email and social network messages are now available through a unified inbox directly on the PlayBook. The underlying QNX technology combined with BlackBerry security keeps data safe.
Windows 7 may not be best suited to a tablet interface, but when you need to run software that works only on Windows, a Windows tablet is what you need. Another advantage of such a tablet is that you'll get all the familiar security tools you're used to working with. Many Windows tablet manufacturers are including hardware security features such as fingerprint readers and SmartCard slots as well.
Windows 7 comes with Windows Defender, User Account Control, a built-in Backup and Restore program, and a firewall. Your device can join a domain with the Professional and Ultimate editions. The Ultimate and Enterprise versions also come with BitLocker for full hard-drive encryption.
The Fujitsu Q550 comes with an array of hardware security tools, including a fingerprint sensor, an integrated SmartCard reader, and an optional embedded Trusted Platform Module (TPM) chip. The BIOS is Computrace-enabled, and you can set both user and supervisor BIOS passwords. You'll also find a physical SAS (secure attention sequence) button, more commonly known as the Ctrl-Alt-Delete combination that allows users to join domains, among other things.
Motion CL900 and HP Slate 2
Motion has long made tablets for the medical industry, where the security of patient data is essential. The rugged CL900 tablet runs Windows 7 and is available with optional TPM and Computrace to protect sensitive data. The CL900 also comes with a physical SAS button.
The HP Slate 2 offers similar hardware security, including a TPM chip, Computrace, and a physical SAS button.