This week, Apple launched the iPad 2 with great fanfare. CEO Steve Jobs returned from his self-imposed medical leave to introduce the updated gadget himself. On the apple website, iPad 2 is proclaimed as "Thinner. Lighter. Faster. FaceTime, Smart Covers. 10-hour battery." Should we add the words "Data Sieve"? Read on.
As reported in the Globe and Mail, Cygnos - an Ottawa-based company hired by the federal government to provide security advice - contacted the newspaper in response to a report that "a growing number of cabinet ministers and senior officials are using the tablets."
What concerns me and should concern you is just why Cygnos felt compelled to set the record straight on the security of iPads. The company told the Globe and Mail that it completed a research project recently in which it set out to determine the security of health records on behalf of a client. The company found that computer hackers who get hold of an iPad can use what is known as "jail breaking" techniques to bypass passwords.
I did a quick search of the Internet and found many web sites that give information on how to "jail break" at iPad. Note that while some of these web sites provide information for free, others are selling commercial products. I'm not endorsing any of them but am citing them as an indication that "jail breaking" is commonly available and old news to very sophisticated users.
Cygnos also told the Globe and Mail that tablet computers may also be vulnerable to remote hacking because the web browser does not have the same level of virus protection as found on most desktop or laptop computers.
In preparing its report, Cygnos tested the iPad. The company did not conduct its research using the new iPad 2. However, a spokesperson for Cygnos says the company doubts that Apple has addressed these security concerns in the new model.
The Globe and Mail quoted other security experts who disagreed with the findings of Cygnos. A researcher with the firm Securosis dismissed Cygnos' concerns as "fear-based speculation." However, researchers at the Germany-based Fraunhofer Institute for Secure Information Technology reported last month findings similar to those of Cygnos.
As a health professional who works in the ER of a busy hospital, I'm concerned about the security of patient data. In my long career in medicine, I have never seen gadgets take off as quickly among my medical colleagues as the iPhone and iPad. Here's the thing. These devices haven't been adopted from the top of the hospital on down. The uptake has clearly been bottom-up. End users have brought tablets and iPhones into hospitals and have started using them - and IT departments have been playing catch up ever since.
The potential good that can come from these devices is enormous. They enable health professionals, students and residents to write up clinical notes, look at x-rays and lab reports, arrange consultations, and surf the Internet for the latest medical information.
That said, these devices may also be vulnerable to serious breaches of data security on an almost limitless scale.
Before we dive in, let's not get carried away with gadget lust. Let's get the security details right. Privacy and lives may depend on it.