The dangers of the iPad in the wild

I received a great comment out on LinkedIn from Colin. He liked the post but raised a serious concern about how easy it is to move information into and out of the corporate walls. This topic struck me as a perfect blog post.

To start, I am not an IT person although I have worked in IT at various points in my career. However, I am a power-user on Windows, Office and generally all the departmental applications I use to run my department. I was one of the earliest adopters of Blackberries in my hospital about 6 years ago (kind of late compared to how long the Blackberry had been around at that point, but hey, I work in Healthcare). I was a fairly early adopter of the iPad (August 2010) and one of the first that felt comfortable enough to use an iPad in meeting at work. Through all of this time I made a point to keep up relationships with key staff in IT to maintain intel on technology IT was ready to (and not ready to) deploy in the hospital. In thinking about Colin’s statement as well as my decision making process on what I store out on Dropbox I figured it was time to write a post about security in the cloud and on the iPad.

To start with the end in mind, I can summarize this post with the following statement:

PUT NOTHING ON DROPBOX OR IN THE CLOUD THAT YOU WOULD NOT WANT SOMEONE ELSE TO READ!

I had always thought of Dropbox as a fairly secure service but there have been many, many posts over the past year about some of the inherent risks of Dropbox. Do a search on Dropbox security and you will see many hits on the topic. To summarize, Dropbox does encrypt files stored on their servers, but employees of Dropbox have the ability to de-crypt and view any of those files themselves. This is an issue of course if you consider your data sensitive or confidential in any way. Perfect examples would be SSN’s, medical information, financial information, confidential corporate information, legal documents, etc. If you care about the security of any of this information I would urge you NOT to store these files on Dropbox. All of this begs the questions, what is Dropbox really good for then? Well, I would say any non-confidential work documents, Christmas Lists, music, pictures, etc. So, Dropbox has its use; just never for confidential information without proper precautions.

There is a silver lining if you want to use Dropbox in a more secure way, but without iPad integration. You can choose to encrypt your files BEFORE copying them to Dropbox. There are many services that do this, the most versatile of which appears to be the “free” TrueCrypt; be sure to donate if find value in the product. In researching this post I downloaded TrueCrypt and installed it on my Mac Mini running Lion and my kids WinXP machine. Check out this post for a great how-to on installing and running TrueCrypt. I created a 25GB container file and stored it in the Dropbox folder on the MAC and then mounted the “file” on both of my computers; Dropbox automatically synced the container file to my kid’s machine. What TrueCrypt does is create a virtual drive each computer that you can store files on and access at will any computer with TrueCrypt installed. The beauty of this approach is that you are still leveraging the power of Dropbox but with the added security of encrypting your files BEFORE moving them onto the Dropbox Servers. Of course, this approach does eliminate the ability access your files on the iPad given that there is no TrueCrypt app.

So, how is it possible to be secure and use the cloud to share files with your iPad? Well, in my opinion you really can not be secure and follow the workflow I described here using Dropbox and GoodReader. What you gain in convenience, you give up in security. As I said above, put nothing unencrypted onto Dropbox if you don’t want someone accessing that file. One writer even said that he considers everything that he puts in the cloud as essentially a public folder.

All is not lost with respect iPad security however. There are build-in ways to keep information on your iPad encrypted and therefore somewhat secure with limited potential for un-intended access (assuming of course you are ok with sensitive stuff in the cloud). Simply search on iPad security and you will find many, many articles. My favorite one however is this one out on Macworld by Rich Mogull. Rich walks you through the process of enabling the iPad’s excellent build-in security and encryption features. If you have followed most of his suggestions (I can’t give up on the simple 4-digit pin vs. a longer password), your security settings should look like this:

There you have it, a very simple disclaimer/tutorial on the state of security in the cloud and on your iPad. The good news is that there are many excellent tools out there that will improve your productivity on the iPad. The bad news is that these tools should really only be used to access sensitive information for the benign and un-interesting rather than the confidential.

For some more resources on the topic, check out the following excellent articles.

Check the Storify Post I created to consolidate comments from a few locations that this post has been published to…

No comments

Trackbacks/Pingbacks

  1. A FREE way to store your passwords on your iPad « How-To « tabletproductive - [...] KyPass and Dropbox provides the ability to manage your passwords across all of your devices. Read this post on …
  2. Is Microsoft Sharepoint the real solution for improving your iPad Productivity at Work? « How-To « tabletproductive - [...] computer, home computer and my iPad. Needless to say, I was somewhat uncomfortable with this setup as documented here. …
  3. Box or Dropbox, which is better on the iPad? « Productivity « tabletproductive - [...] as the app for business, although I bet that Dropbox would dispute this given these new features. I wrote …
  4. Evernote Hacked, Now what? « Productivity « tabletproductive - [...] wrote this post way back in January 2012 focused on security concerns with Dropbox. Here is a clip from …
  5. Serious Productivity Tips for new (and old) iPad Owners « Productivity « tabletproductive - […] documents outside of my work network. I love cloud services like iCloud, Dropbox and Box, but for confidential work …

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera

Free eBook: Introduction to iPad Productivity

As a busy blogger and iPad "expert", I get asked all the time about the tools I use to be productive on the iPad. So I decided to write a small book explaining some of the basics, the things that will get you using your iPad for work rather than play. This eBook is not a replacement for my iPad Productivity eBook, but rather an introduction for those of you ready to leave the laptop at work.

You can’t buy this eBook. There’s only one way to get it—by subscribing to my FREE email newsletter. Don’t waste any more time lugging that laptop around. Sign up today!

* indicates required
Email Format