iPad Pro: Apple's enterprise-grade offering is an urban myth

To get into the enterprise, Apple needs to get messy. It needs to take risks. It needs to rip off the band-aid.
Written by Jason Perlow, Senior Contributing Writer

An iPad equipped for the enterprise. For the last several years, you might as well be talking about Bigfoot, Slender Man or the Loch Ness Monster.

Last year, prior to Apple's iPad launch event, I talked a lot about what challenges Apple faces in the enterprise with the current consumer products and potentially, what qualities an "enterprise" iPad should have. Let's review.

  • iPads are brought into enterprises, but aren't really designed for that purpose.
  • Apple is fixated on attractive industrial design, not durability, so 3rd-party accessories that try to mitigate this problem have to be used.
  • Lack of sufficient RAM and processing power means sophisticated, mission-critical apps cannot be run on the device, it has to be implemented as SaaS or remote on a different platform. This creates fundamental architectural design limitations and problems at scale.
  • In addition to RAM and processing power limitations, lack of a high-resolution, pressure-sensitive digitizer with accompanying smart stylus effectively eliminates the entire creative content market as well as other important verticals from the iPad's reach.
  • Lack of an OEM keyboard accessory means you can't type for extended periods. 3rd-party accessories are necessary to fill this gap.
  • Lack of true hardware-enforced enterprise-grade security.

As to the last bullet point, Apple did introduce Touch ID into the iPad Air 2, and iOS 9 is going to enforce six-digit PINs. This is certainly an improvement, but that's a far cry from true hardware-enforced security, such as the Trusted Platform Module (TPM) built into many laptops.

The basic $500-street Surface 3 with an Intel Atom x7 has a TPM. And this is a consumer-grade hardware device that can run even the Enterprise version of Windows 10. Even $250 Chromebooks use TPMs.

Both Windows and Android as well as Chrome OS also support MDM-enforced file system level encryption (Windows uses BitLocker, depending on policy enforcement; whereas Android, as of Lollipop, has their file system encryption turned on by default) iOS does not encrypt at the full file system level -- it encrypts at the file level and only selected data.

It is widely believed that for iOS, Apple uses an implementation of TrustZone, or Trusted Execution Environment, which was designed by ARM. That being said, there are many ways TrustZone can be implemented, some more sophisticated than others, but Apple hasn't been particularly forthcoming about how their implementation works.

In lieu of a TPM, on iOS devices Apple uses a "Secure Enclave" to store key encryption data,as well as the ability to support remote wipe through Find My iPhone and 3rd-party MDM systems.

In theory, Secure Enclave is also there to prevent your iPhone or iPad (equipped with current A-series processors) from leaving the unlock screen without your PIN and/or matching fingerprint data.

That being said, the fundamental architecture of Secure Enclave is not as sophisticated as the combination of TPM and filesystem-level encryption. X86 devices also have EFI Secure Boot, which adds yet another layer of security.

Macs implement EFI security slightly differently than Windows or Linux, but they are comparable in functionality.

Let's get back to functional requirements. Our resident hardware blogger, Adrian Kingsley-Hughes wants an OS X tablet, not an iOS-based one.

While I agree that OS X is a more capable OS than iOS, it isn't engineered to work well on tablets (heck, it doesn't even have touch APIs like iOS or Windows 10 does) and it doesn't have a tablet/convertible transition mode like Windows 10 does.

Most importantly, there's no way for the huge base of iOS apps to run on OS X yet in a seamless fashion. Obviously the iOS development environment/iOS emulator for Mac OS X can do this, but it's not exactly a user-friendly OOBE solution.

If Apple's got something like that in the works, then we're talking stealth mode on a rather large scale, a la "Marklar" because no large-scale beta testing of this sort of thing has occurred yet.

An Intel-based iPad would certainly be interesting and it would help overcome many of the limitations outlined above (it would also introduce the possibility of a Secure Boot architecture using Intel's EFI), but it would also present a lot of problems.

Getting developers to port their stuff over to x86, even with the best migration tools, would be a challenge and a massive scale effort, even for Apple and its devoted developer ecosystem.

A better solution would be to port a variant of OS X to the A-Series SoCs and to add the convertible/transition extensions along with an iOS execution environment, or to add some of OS X's more desktop-like features to iOS.

Either way we're talking about some kind of platform convergence effort and maintaining a special code base just for this tablet -- unless Apple is actually committed to maintaining a unified OS for both their enterprise tablets and laptops, and a "mobile" derivative for iPhones and consumer iPads.

Does this exercise sound familiar? Does it sound messy and fragmented? Could it result in years of churn and failed adoption? Yes. Do we think we're going to see anything nearly this ambitious on September 9 or launched in 2015 from Apple?

Hell no.

Rather, what we're going to see is a bigger iPad, with a larger, higher resolution screen, with maybe a higher-resolution pressure-sensitive digitizer/accompanying pen accessory, and -- if we're lucky -- more RAM than a "consumer" iPad and a more powerful SoC so more exploitative apps can be ported. An OEM keyboard accessory, perhaps.

But even if they deliver all of the above, it still won't be an enterprise-class device. And that would be a shame, because the enterprise is really the only growth area that iPad has left.

To get into the enterprise, Apple needs to get messy. It needs to take risks. It needs to rip off the band-aid. I'm just not sure that's something they are willing or even equipped to do, even with Big Blue in tow as their pitchman.

Will the iPad Pro really be an enterprise-grade device? Or will it just be larger? Talk Back and Let Me Know.

10 Best keyboards for iPad Air 2 (Sept. 2015)

Editorial standards