Secure Wireless - iPad Vs. Android Tablet Security

Battle Royale: iPad and Android Tablet Security Compared
By

Some tablets have integrated mobile broadband, but most rely on Wi-Fi for high-speed Internet access. Secure Wi-Fi connections are thus critical for tablets used for business.

Apple iPads running iOS 6 support all common Wi-Fi security methods, including WEP, WPA and WPA2, with both Personal (PSK) and Enterprise (802.1X) authentication options (below). Apple tries to hide most Wi-Fi security settings from tablet users – for example, by auto-configuring PEAP parameters when connecting to a WLAN that requires username/password authentication. However, IT pros can use iOS profiles or MDM APIs to provision all Wi-Fi connection details, including digital certificates needed for 802.1X server verification or EAP-TLS user authentication. iPads running iOS 6 can also be set to use a global proxy, enabling enterprise control over traffic to/from iPads. 

iPad Supports All Common Wi-Fi Security MethodsiPad Supports All Common Wi-Fi Security Methods

One security concern is that iPad users cannot see or remove Wi-Fi network names to which they have previously connected but are no longer near. As a result, iPads keep trying to reconnect to those old Wi-Fi networks without the user’s awareness; this can result in unintended Wi-Fi connections to hotspot SSIDs, for example. IT pros can assess this exposure by using a Wireless IPS to monitor iPad-generated 802.11 frames.

Android tablets, including Samsung Galaxy Tabs, also support these common Wi-Fi security methods (below). However, Google takes a polar opposite approach to Wi-Fi connection management, exposing all detailed security parameters to end users but not to MDM agents that use device management APIs.

Android Wi-Fi Network AppAndroid Wi-Fi Network App

This is an area rife with extensions by vendors such as Samsung and Motorola that want to meet the needs of enterprises using WPA2-Enterprise (802.1X). In a similar fashion, Android tablet end users can see all previously-used Wi-Fi connections – including those no longer nearby. This puts the onus for old connection clean-up on the user, but does make the user aware of those old connections and any unintended consequences. Finally, Android 4 added support for Wi-Fi Direct, which can be used to form peer-to-peer connections between consumer electronic devices – for example, mirroring a tablet’s screen to a nearby display in Android 4.2. Businesses may find Wi-Fi Direct handy in some scenarios, but they should beware of (and monitor for) unauthorized use.

Winner: Apple iPads.

In this case, iOS 6 versus Android 4 isn’t a matter of underlying capabilities but rather visibility and configurability. When it comes to meeting IT pro needs for remote administration of secure Wi-Fi settings, Apple has the edge.

Comments