Mobile
News
11/16/2011
09:12 AM
50%
50%

Kindle Fire Hits The Office: 5 Security Concerns

As proud owners of the Amazon Kindle Fire tablet walk this device through your company's front door, enterprise IT should be prepared.

With the first Amazon Kindle Fire tablets delivered as of Tuesday, IT managers now face salient security and privacy questions: How much of a threat do these tablets pose to enterprise data and systems, and how can risks be mitigated?

For starters, as with netbooks, the iPhone, iPad, and Android smartphones and tablets before it, expect the hot-selling Kindle Fire to quickly arrive at work, and in quantity. Amazon recently increased its order for production from 4 million to 5 million units, and in the run-up to the holiday season, who's going to want to park their tablets at home?

So with the tablets becoming the latest in "bring your own device" chic, be sure to keep these five security and privacy questions--and challenges--in mind:

1. Attackers Like Android. Kindle runs Google's Android operating system. It's been highly customized. But as far as mobile device operating systems go, Android is an attack magnet. Even if attackers have so far failed to monetize their attacks, which hacker wouldn't want to rack up the first Kindle malware? (Perhaps by exploiting the latest vulnerability in the WebKit open source browser engine that powers the tablet's Silk browser?)

2. No MDM Yet. Unfortunately, whatever your company's mobile device management (MDM) tool of choice, don't expect it to work with Kindle, at least not yet. In fact, as Savid Technologies CEO Michael A. Davis has noted, securing Kindle Fires in the workplace will be a challenge, not least because Amazon isn't letting the devices access Android Market, from where needed commercial security tools, such as MDM clients, can be downloaded. Accordingly, CIOs may want to block Kindle Fires from connecting to the business network, at least initially, as much as users may not like that answer.

[ How good is your mobile device management strategy? See Top 5 MDM Must-Do Items. ]

3. Amazon Adds Walled Garden. On balance, the Kindle Fire may come to rank as one of the most secure Android devices. That's because, taking a page from Apple's walled garden model, Amazon is requiring all developers to submit their apps to Amazon for review before they're allowed to be listed. If Amazon can imitate Apple's success at keeping malware off of its devices, it will be doing its users a big favor.

4. Will Amazon Sell Security Apps? Still, Apple has famously blocked many types of security applications from its Apple Store. While security experts and developers can debate whether or not an iPhone, iPad, or iPod Touch is susceptible to viruses, amongst other types of attacks, Apple clearly doesn't want the word "antivirus" coming anywhere near its AppStore. Will Amazon take a different tack with its Kindle Fire shop, given that its devices run Android, which faces many more attacks than iOS?

5. Kindle Data Privacy. To accelerate browsing on the Kindle, Amazon runs non-SSL traffic through its Amazon Elastic Compute Cloud (EC2), which functions as a Web proxy, but which also allows it to store a list of websites that people visit. "The data collected by Amazon provides a ripe source of users' collective browsing habits, which could be an attractive target for law enforcement," according to the Electronic Frontier Foundation.

Still, there's an easy fix. "For users who are worried about these privacy issues and about putting a lot of trust in Amazon to keep their data safe, we recommend turning off cloud acceleration," the EFF said. Of course, will the owner of the season's must-have budget tablet willingly impede their online experience in any way, even if business data might be involved?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
moonwatcher
50%
50%
moonwatcher,
User Rank: Ninja
11/16/2011 | 8:56:27 PM
re: Kindle Fire Hits The Office: 5 Security Concerns
As shown on another blog. other, non-Amazon approved apps CAN be installed on the Kindle. The example they gave was installing a Barnes and Noble client software on a Kindle, just to see if it could be done. It could. That opens up the possibility that unsecure apps CAN be installed by a tech savvy user. IT Departments should beware.
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.