Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Stolen iPads A Special Problem For Fed Agencies
Newest First  |  Oldest First  |  Threaded View
FlavoredAir
50%
50%
FlavoredAir,
User Rank: Apprentice
11/1/2011 | 9:04:21 AM
re: Stolen iPads A Special Problem For Fed Agencies
You must not have been a math major in college. The iPads that the government are buying are not top-of-the-line 64gig 3G units. They're buying 16gig units, some of which have 3G and some of which have just wifi. The base price of an iPad 16gig with wifi only is $499 - and that's NOT including the federal discount that they get (~10% off, sometimes more if bought in higher numbers).

The cost of securing these devices - on a per device basis - is far cheaper than securing any Windows computer. The sheer amount of money spent on software and hardware to protect a desktop or laptop within the government is astronomical in comparison to what's spent on a similar level of securing an iPad.

And how do I know this? I'm someone who has overseen a federal deployment of iPads just a few months ago at another HHS agency.

If you're going to bloviate, at least do it with facts, not speculation posing as fact.
Bprince
50%
50%
Bprince,
User Rank: Ninja
10/31/2011 | 6:10:57 PM
re: Stolen iPads A Special Problem For Fed Agencies
As someone whose phone slipped out of his pocket in a cab once (I was able to get it back thankfully) I feel like I can relate somewhat to someone losing a device or having it stolen. I think rather than trying to stop people from using popular devices, it may be a better strategy to focus on device management and protecting the data on the device itself through encryption, data masking, etc if it is sensitive.
Brian Prince, InformationWeek contributor
ajones320
50%
50%
ajones320,
User Rank: Apprentice
10/28/2011 | 1:07:04 AM
re: Stolen iPads A Special Problem For Fed Agencies
Why do the feds use excessively overpriced hardware in the first place? I know that it doesn't matter if a 2000$ or 500$ laptop gets lost with sensitive data on it, but how about buying a cheap 500$ Windows laptop and spending 1000$ on securing it...still cheaper than a friggin iPad.
John Douglas
50%
50%
John Douglas,
User Rank: Apprentice
10/27/2011 | 9:28:50 PM
re: Stolen iPads A Special Problem For Fed Agencies
At some public restrooms where anyone, including government employees, are allowed to use the keys, they chain them to big boards. Or spoons to the pen at the front desk. Maybe if we encase the iPad in an PC terminal, no one will walk off with it.
Bob Forsberg
50%
50%
Bob Forsberg,
User Rank: Apprentice
10/27/2011 | 8:05:12 PM
re: Stolen iPads A Special Problem For Fed Agencies
Anyone who has worked for or used Government facilities and services realizes the rank and file employees are not the sharpest tacks in the box or the most honest.

Placing large ID/serial numbers or a persons name and phone number on these items would keep theft of iPads at a minimum. Apple provides that service for free. You just need to ask when purchased.

Using readily available consumers products is a great idea for government agencies. It minimizes $20 pencils, $400 hammers and $2,800 toilets.
Tom LaSusa
50%
50%
Tom LaSusa,
User Rank: Apprentice
10/27/2011 | 4:26:50 PM
re: Stolen iPads A Special Problem For Fed Agencies
Maybe the issue here is that there are just some Tech sectors -- Gov't for instance -- that should not be allowed to embrace consumerization.

Tom LaSusa
InformationWeek


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37436
PUBLISHED: 2021-07-24
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing pers...
CVE-2021-32686
PUBLISHED: 2021-07-23
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and ...
CVE-2021-32783
PUBLISHED: 2021-07-23
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy rem...
CVE-2021-3169
PUBLISHED: 2021-07-23
An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
CVE-2020-20741
PUBLISHED: 2021-07-23
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if t...