PDA

View Full Version : iPad security and confidentiality question




Coeuspolus
Oct 4, 2010, 10:45 AM
I just purchased an Ipad and I had a question about security and confidentiality:

I am not completely sure if I'm going to keep the Ipad or return it. In
order to determine that, I need to be able to work on it. If I open up highly
confidential Excel files, Word docs and PDFs on the Ipad (through dropbox and email, most likely) but ultimately decide to return the Ipad, can I be certain that those documents will not be viewable to an Apple tech or refurb customer? Is
there a way to clear the system or the cache with certainty? For instance,
in the past when I've sold or donated a laptop/computer, I've used
software to shred files and then re-installed the OS, to wipe over any remnants of those files. Can one do this with the Ipad? Thanks.



grapes911
Oct 4, 2010, 10:48 AM
If I open up highly
confidential Excel files, Word docs and PDFs on the Ipad (through dropbox and email, most likely)

I'm going to stop you right there. Dropbox is not fit for "highly confidential" files.

maturola
Oct 4, 2010, 10:49 AM
do a "erase All content and settings" them restore and them do another DFU restore, that will overwrite the flash several times over that no recovery program will be able to read it (unless you sell it to NSA or YOU work for NSA, in that case I would just keep the iPad ;) )

Coeuspolus
Oct 4, 2010, 04:21 PM
Can one use anything like a DBAN program?

maturola: Thanks. I will read about this method and give it a try.

grapes911: It may not be too secure (I wouldn't know), but it's approved for my department and we use encryption.

grapes911
Oct 4, 2010, 04:27 PM
grapes911: It may not be too secure (I wouldn't know), but it's approved for my department and we use encryption.

It's secure. It's actually very secure as your files are encrypted. The problem is that Dropbox can decrypt your files and read them so it's not very good for "confidential." Apparently that's for another thread though. :)

h00ligan
Oct 5, 2010, 03:39 AM
Let me expand on what has been said.

Everything on your iPad is encrypted from the get go, you dint have to do anything. When you 'erase all content and settings' it blows out the encryption key. It doesn't erase anything like dban, nor does it need to. Once the encryption key is gone, the data is gone for all intents and purposes.

As far as drop box security..it's fine if you are using something client side before shipping data, but if your data is 'that critical' that would be the only way any real security minded person would ok a drop box policy...and at that point, you can't open it on the iPad.

If you are allowed to just throw the word/excel files in a drop box folder, you're kidding yourself that the data is potentially too sensitive for the iPad, as that would basically be a near zero security policy.

The same goes for allowing the ilex to be emailed. If you aren't required to encrypt them first, they cant be too sensitive or you have a very very bad security person in your it dept.

DataThief
Oct 5, 2010, 04:54 PM
Might not be a bad IT guy, could be his boss. I once setup a secure system for a client, his sales people traveled overseas a lot and worried about customs officials getting corporate data. Trained the sales people in its use, they were fine with it. Their boss took one look at it and said naw he was just going to use passwords on the excel files, that was the most secure way ( he was told this by his son ), I just smiled and said yes sir. I got paid either way, and onto the next job.

Dropbox is fine if your using it to store encrypted files, but since the ipad has no encryption app your out of luck.