Don't Fumble iPad Security with an NFL Playbook

11.09.2012

In the offseason, several NFL team moved their coveted playbooks to electronic form using iPads. They are relying heavily on iOS security to protect their team secrets. Could somebody hack into an iPad and steal a playbook Well, it depends. It depends on how well the overall security framework is setup around the iPad iOS and applications involved in reading the playbook.

Primary Areas of Risk

1. Physical Security -- If you lose your iPad and a bad guy finds it, it's game over. There are some ways to protect your data which I will get to shortly. You say "remote wipe." Sure, if it's on and within wireless network range.

2. Malware -- The "first" for iPad was discovered this summer in the Apple app store (I quoted "first" because I find it suspect). In July, Kaspersky found a malicious app in the iOS app stores called "Find and Call." The malicious app uploaded users contacts, then sent each contact an SMS message including a link to download the app.

[5 questions to ask about tablet security]

3. Operating System Vulnerabilities -- Humans make mistakes. These programming mistakes become operating system vulnerabilities which are exploited by threat against (hackers). This summer, Apple released iOS 5.1.1, which addressed three vulnerabilities found in iOS/Safari that allowed a hacker to establish a man-in-the-middle attack. In a man-in-the-middle attack web traffic is intercepted, read and likely save by a third party. The entire time end users (you) have no idea all your traffic is being read and recorded.