Читать книгу iPad at Work For Dummies - Galen Gruman - Страница 11
Part I
Getting Started with iPad at Work
Chapter 3
Ensuring Your iPad’s Security
Keeping Work and Personal Data Separate
ОглавлениеFew employees worry about the commingling of their personal and work data, but IT departments do. That’s because many businesses need to monitor where company information goes, as well as what information flows through their networks, to comply with legal auditing requirements, investigate potential security breaches, and investigate other legal issues such as sexual harassment.
Anything that flows through your company’s network is visible to your IT department. Any data stored on equipment, whether the company owns it or not, that connects to your company’s information systems could be required in a legal case, which means that your personal equipment and accounts could be subject to access, review, and even requisition.
But don’t be scared: These are worst-case scenarios that explain why your company likely has policies governing how you can access information from the company on your equipment and what personal activities you can do at the office. They also explain why your company may require you to use mobile device management software (described later in this chapter) or at least enable remote wipe on your iPad if you use it for work.
Separating work and personal isn’t so easy
The best strategy for addressing these concerns is to keep information you want private off any system that accesses corporate systems. Or vice versa. In extreme cases, you’ll have separate phones, iPads, and computers for work and personal use – that’s the norm in the defense industry, for example.
Outside of such highly regulated industries, the formal norm has been to use company email systems only for company information, and to save your personal affairs for your home computer.
But most of us long ago crossed the work-personal divide in our computing, such as by bringing work home to work on our home PCs, accessing email from our smartphones and home PCs, and increasingly using our own iPads at the office. After all, many professionals are expected to get the job done no matter how long it takes or where they are, and to be available as needed.
The usually unspoken rule is that employers let you handle personal issues at the office or work at home sometimes to handle personal issues such as watching the kids on school holidays – you work from home, and you can do personal stuff on “work time” and even on work equipment. The expectation is that you will use personal email for personal correspondence and use the web to do personal business rather than install personal software on your work devices.
Legally, that strategy still exposes your personal devices and accounts to investigations and monitoring, but the cleaner your separation, the less likely that any investigation will need to go through your personal information.
If IT disables access to your work accounts, such as when you leave the company, your iPad may retain some of that data in its local storage. (You set how long such data is kept in the Settings app’s Mail, Contacts, Calendars screen for each account.) I suggest that you delete that account from your iPad and then back up your device to iTunes or iCloud (see Chapter 2) – doing so will remove the remaining company info from your iPad and its latest backup.
Drawing a line between personal life and work on your iPad
So, what does this mean for the iPad? This section covers some strategies to use to minimize the mixing of personal and business on your tablet.
Email, calendars, notes, tasks, and contacts should be stored on separate servers
As Chapter 2 explains, the iPad supports multiple accounts for the servers that handle this information, and I recommend that you use them.
When composing emails in the Mail app, be sure the From address is from the correct account; if not, tap the current account name in your email message and choose the correct one. If you go to the Mailboxes view in the Mail app on your iPad, shown in Figure 3-1, you can tap the desired account from the Accounts list to work only in that account. This is a great way to avoid mistaken use of the wrong email account. (Tap the upper-left button on the Mail screen until you see the Mailboxes screen.)
Figure 3-1: The Mailbox screen in the Mail app.
The Calendar app lets you restrict what calendars you can see by tapping Calendars and choosing the desired calendars in the pop-over that appears. But when you create an event, you can select the calendar it goes in, and because they are color coded, it’s pretty easy to make sure that the right calendar is set for each event – and it’s easy to edit an appointment to change the calendar it’s stored in.
The Reminders app for tasks works similarly; choose the desired account from the list at the left, as Figure 3-2 shows.
Figure 3-2: The Reminders app shows accounts at the left.
Keeping accounts straight in the Notes app is not so easy. You can’t change which account a note is assigned to, for example, nor can you choose the account for a new note. So, to take meeting notes, make sure that you’re using your work account, not your personal one. Tap the Accounts button at the upper left of the Notes screen to get a list of accounts, then tap the one you want to work in.
You can set the default Notes accounts on the Settings app’s Mail, Contacts, Calendars screen. But it’s easy to forget what your default is and inadvertently enter a note in the wrong account.
If you want to be extra safe, use different apps for personal and business data. For example:
✔ You might use Microsoft’s free OWA app for work emails, contacts, and appointments (if your company uses the Office 365 service) and Apple’s Mail, Calendar, Contacts, Notes, and Reminders for personal information. Figure 3-3 shows the OWA app. (OWA stands for Outlook Web Access, Microsoft’s name for its Webmail website that the OWA app is based on.)
✔ You might use NitroDesk’s TouchDown app ($19.99, or free if your business has an enterprise account) for work emails, contacts, and appointments, notes, and tasks (if your company uses Microsoft’s Exchange server), and use Apple’s apps for personal information. iKonic Apps’ Mail+ is another option for Exchange users, but it supports just email, calendars, and contacts.
✔ Your company might supply a separate suite of apps for accessing corporate email, calendars, and so on. Mobile device management suites typically offer such separate app sets, as described later in this chapter.
✔ You might use Apple’s apps for work functions and, say, Google’s Gmail app for personal emails.
Figure 3-3: The Microsoft OWA screen supports email, calendars, and contacts for Office 365 users.
However, that “separate apps” strategy isn’t as easy to do on the iPad as on a computer. The reason: There aren’t alternatives to Apple’s apps that work on all the popular services and cover the same range of functions.
For example, Microsoft’s OWA app doesn’t handle notes or tasks, and it works only if you use the Office 365 service. TouchDown covers the same bases as Apple’s apps but works only with Exchange servers (which covers most larger companies). And Google has a native iPad app only for Gmail, not for Google Contacts or Google Calendar, and it has no tasks or notes tools.
About the only way to get a comprehensive alternative to Apple’s apps is for your company to invest in a mobile device management service, described later in this chapter.
So, chances are that you’ll use Apple’s apps and will need to keep account separation clearly in mind as you use them.
Documents should be stored separately, too
A big concern among IT managers is company data being copied to devices that they can’t monitor, potentially providing an escape hatch for sensitive data that they can’t trace to the leaker. That concern has been around as long as the home PC, of course, but it’s still real.
To work on a document, chances are that you have to make a local copy for your iPad, using the Open In service described in Chapter 17. After that’s done, the document – or that copy, anyhow – is no longer under IT’s control or within its ability to monitor.
But you can minimize the commingling of work and personal documents by using separate apps and storage services wherever possible.
For example, you might use Apple’s excellent iWork suite consisting of the Pages, Numbers, and Keynote apps (see Chapter 5) for personal documents; and use Microsoft’s also excellent Office suite of the Word, Excel, and PowerPoint apps (see Chapter 6) for business documents – assuming that your company uses the Office 365 service, which Office for iPad requires.
The Microsoft Office apps don’t let you share documents with other iPad apps, other than send them as file attachments in Mail. And they restrict you to saving files only to Microsoft’s OneDrive and SharePoint services, to the Dropbox cloud storage service, or to the Office apps’ internal storage on the iPad, as Figure 3-4 shows, though you can copy files from other apps, including Mail, into the Office apps. Thus, Microsoft Office for iPad makes it a bit harder to share its data with the rest of your iPad.
Figure 3-4: The Microsoft Office apps (Word is shown here) restrict document storage to just a few locations.
Of course, that separation is not complete. You can set up a personal OneDrive or Dropbox account and move files to it from the Office for iPad apps, and then share the files with other apps and services from the OneDrive or Dropbox app on your iPad or the OneDrive or Dropbox service from your computer. But doing all that takes a plan and some effort, so Microsoft Office is still a good option to prevent inadvertent commingling of business and personal files.
A similar strategy is to use different cloud storage services for work and business documents, such as Dropbox or iCloud Documents for personal files and Box or OneDrive for work documents. In some cases, as Chapter 16 explains, apps can directly read and write files stored on these services. Office for iPad can do so for OneDrive and Dropbox, and Apple iWork can do so for iCloud Documents and Box, for example.
Consider separating your web activities
One of the most convenient features of Apple’s Safari browser is that it syncs bookmarks, passwords, and credit card information across its iPad, iPhone, Mac, and Windows versions – if you’ve signed into the same iCloud account on those devices, of course. But that feature also means that your personal and work web information are synced within the same account as well.
Therefore, you might consider using two browsers – one for personal and one for business. That second browser should be the free Google Chrome, which also syncs bookmarks and passwords across all devices signed into your Google account, as Figure 3-5 shows.
Figure 3-5: As does Apple’s Safari, Google’s Chrome browser syncs bookmarks and passwords across multiple devices.
You might use Chrome for work and Safari for personal business, or vice versa. Because both iCloud and Google are considered personal services by IT departments, they’d probably prefer that you use neither for work, but you don’t really have a choice: Microsoft’s Internet Explorer is available only for Windows, and Mozilla’s Firefox is not available for iOS.