ipad/iphone security compliance

1) Are there any tools/techniques that can be used to centrally monitor the security configuration of all corporate owned ipads/iphones? we need assurance they all have passcode protection, but am unsure on how to go about getting such a report?

2) Secondly how easy is it to turn off password/pin protection on such devices by the end user?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Guy LidbetterCommented:
Hi there pma

In what capacity are they using the Ipads\iPhones? I assume mainly for email access?

You could use any number of MDM (Mobile Device Management) applications, or even activesync.

A few to mention are?
GOOD for Enterprise (GFE)      https://www1.good.com/
Airwatch     http://www.air-watch.com/
Mobile Iron    https://www.mobileiron.com/
Even Microsoft have their own version.   https://www.microsoft.com/en-gb/server-cloud/solutions/mobile-device-management.aspx

In all cases, users will be able to change the password, however it will place the device in non-compliance. With some of these they will not be able to provision unles sthey meet the requirement. If they change it after, you can run a report or be alerted and you can disable the device.



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Neil RussellTechnical Development LeadCommented:
We run MobileIron as we found it the most complete at the time of evaluation. Airwatch however is now, I believe, far more advanced and if it was not for the cost we would migrate over.

We have compliance policies that in some cases will even stop the phone from connecting to the corporate email server, delete all current emails from the device and Alert us if ANY particular APP that we specify is installed on the device that WE consider to be a security risk.

You can do, almost, anything you want with it.
pma111Author Commented:
as opposed to change the pin/password, I wondered how easy it was for them to configure the device to not require a password/pin for convinience purposes. on windows devices we can deploy policies to enforce things like encryptions, password standards etc, but I just wanted to see if the same can be done for ipads/phones.

But yes email primarily
Guy LidbetterCommented:
Yes it can, in fact its actually easier on iPhones as they have been around a lot longer and the policy templates are top notch. You often find 3rd party MDM solutions don't even have a policy profile template for windows 7\8 phones as they are pretty new to the market  (Microsoft are keeping it close to their chest)

P.s. If you are using Windows Phones, stay away from GOOD.
pma111Author Commented:
But I guess what I am asking is without purchasing one of the aforementioned MDM apps, there is no way to provide a management assurance report that all ipads are encrypted/password protected?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.