Some tablets have integrated mobile broadband, but most rely on Wi-Fi for high-speed Internet access. Secure Wi-Fi connections are thus critical for tablets used for business.
Apple iPads running iOS 6 support all common Wi-Fi security methods, including WEP, WPA and WPA2, with both Personal (PSK) and Enterprise (802.1X) authentication options (below). Apple tries to hide most Wi-Fi security settings from tablet users – for example, by auto-configuring PEAP parameters when connecting to a WLAN that requires username/password authentication. However, IT pros can use iOS profiles or MDM APIs to provision all Wi-Fi connection details, including digital certificates needed for 802.1X server verification or EAP-TLS user authentication. iPads running iOS 6 can also be set to use a global proxy, enabling enterprise control over traffic to/from iPads.
One security concern is that iPad users cannot see or remove Wi-Fi network names to which they have previously connected but are no longer near. As a result, iPads keep trying to reconnect to those old Wi-Fi networks without the user’s awareness; this can result in unintended Wi-Fi connections to hotspot SSIDs, for example. IT pros can assess this exposure by using a Wireless IPS to monitor iPad-generated 802.11 frames.
Android tablets, including Samsung Galaxy Tabs, also support these common Wi-Fi security methods (below). However, Google takes a polar opposite approach to Wi-Fi connection management, exposing all detailed security parameters to end users but not to MDM agents that use device management APIs.
This is an area rife with extensions by vendors such as Samsung and Motorola that want to meet the needs of enterprises using WPA2-Enterprise (802.1X). In a similar fashion, Android tablet end users can see all previously-used Wi-Fi connections – including those no longer nearby. This puts the onus for old connection clean-up on the user, but does make the user aware of those old connections and any unintended consequences. Finally, Android 4 added support for Wi-Fi Direct, which can be used to form peer-to-peer connections between consumer electronic devices – for example, mirroring a tablet’s screen to a nearby display in Android 4.2. Businesses may find Wi-Fi Direct handy in some scenarios, but they should beware of (and monitor for) unauthorized use.
Winner: Apple iPads.
In this case, iOS 6 versus Android 4 isn’t a matter of underlying capabilities but rather visibility and configurability. When it comes to meeting IT pro needs for remote administration of secure Wi-Fi settings, Apple has the edge.
- Making Tablets Safe for Enterprise Use
- Platform Security - iPad Vs. Android Tablets
- Device Access Control - iPad Vs. Android Tablet Security
- Remote Lock/Wipe - iPad Vs. Android Tablet Security
- Stored Data Encryption - iPad Vs. Android Tablet Security
- Secure Wireless - iPad Vs. Android Tablet Security
- Secure VPN - iPad Vs. Android Tablet Security
- Conclusion - iPad Vs. Android Tablet Security