Secure iPad Deployment Secure iPad Deployment By Mikhael Felker October 17, 2011 9:00 PM Tags : iOS Mobile Device Management Mobility Security iPhone iPad Management Hardware & Software Xml Music Policy Document Email Infrastructure Windows XP How To Configuration Windows Vista Extension Mobile Devices Itunes Connection Enterprise Apple Phones iPod Snow Leopard Ipod Touch Os X Download Health Table Of Contents 1. The iPhone Configuration Utility 2. iOS Initial Setup with Configuration Profiles 3. iOS Restrictions and Wireless Sections 4. iPad, iPhone Deployment 1. The iPhone Configuration Utility Given the rise of iPads, iPhones and iTouches within the enterprise, there is a growing need, either explicit or implicit, to enforce better security over these devices. We show you how to quickly secure iOS devices in 7 minutes or less. The goal is a secure (locked down) configuration of an iOS device; it’s likely an iPad, but could be an iPhone or iTouch. This article presents a quick and free option to securing iOS devices using an Apple provided utility called iPhone Configuration Utility (IPU). Apple oddly named this Utility iPhone Configuration Utility. However, as mentioned earlier, it’s applicable to the iPad and iPod Touch as well; perhaps Apple will rename it the iOS configuration utility in the future. What you Need: iPhone Configuration Utility 3.3 to manage iOS 4+ devices Download: https://www.apple.com/support/iphone/enterprise/Operating System Requirements:OS X 10.6 Snow Leopard or Windows (XP SP3, Vista SP1, Win7) all with .NET SP1 Our focus with the iPhone Configuration Utility (IPU) is to create and apply a configuration profile (in other words, deploy the policy) to an iOS device. Configuration profiles are XML files (usually with a .mobileconf extension) that contain device security policies, restrictions and provisioning settings. Once the configuration profile is set, it’s installed directly with IPU, via e-mail to an iOS device, by accessing the profile on a Web site, or OTA (Over-The-Air), which requires additional enterprise infrastructure. Note: We demonstrate the direct IPU connection deployment at the end of this article. There are four main configurable areas of the iPhone Configuration Utility (IPU): Devices Inventory of all current and previously configured devices (i.e., iPads, iPhones, iPod Touches); each device has a Name, Serial Number, Identifier and optionally Phone and Owner Name listed per record Applications Applications that can be installed on iOS devices (have .ipa extension). Usually found within the iTunes folder structure ~/Music/iTunes/iTunes Media/Mobile Applications Provisioning Profiles Authorization to use a non-AppStore application (custom enterprise App). Apple has a specific document for this area “Distributing Enterprise Applications for iOS 4 Devices” Configuration Profiles GUI configuration settings for iOS profile; create, modify and export configuration profiles to iOS devices For our current purpose, the main focus of this article is the last area listed: Configuration Profiles. Mikhael Felker is an IT pro who works for UCLA Health managing enterprise security initiatives. He teaches, writes, and speaks at numerous Southern California venues about technology. Next 1. The iPhone Configuration Utility 1. The iPhone Configuration Utility 2. iOS Initial Setup with Configuration Profiles3. iOS Restrictions and Wireless Sections4. iPad, iPhone Deployment Comment on this article ... Comment(s)| Comments