ReMarkable Data Security: How to secure Remarkable Tablets in a Business Environment

New technological advances have become an integral part of daily office life. One device that has gained popularity in recent years is the Remarkable tablet. The Remarkable tablet is a paper-like display and features intuitive note-taking capabilities. Its application in corporate circles is undeniable, revolutionizing meetings, presentations, and data digitization. But as they say, every coin has two sides – the digital transformation brought by the Remarkable tablet also brings security challenges that cannot be ignored.

As an Information Security professional, one of my many resonsibilities are to safeguard sensitive corporate data. So how does an Information Security professional secure these devices?

Perspective Helps

Although it's a matter of when and not if before we hear of a data breach involving a ReMarkable tablet, it's important to get some perspective on what we're dealing with which will help us with our security controls. The tablet is a digital paper notepad at it's core. One that, unfortunately, can't be enrolled in a mobile device management solution (as of writing) but it can be protected with a passcode, which brings me to the first security control.

1. Secure ReMarkable with a Passcode

A simple four to six-digit code can be the first line of defense against attempts at unauthorised access. Ensure that employees create a complex, non-obvious code.

Here's how:

1. Go to Settings.
2. Tap Security and toggle Passcode to On.
3. Enter the new passcode.
4. Verify the new passcode.

2. Enable Auto-Updates

Firmware and software updates are not just about adding features – they’re about patching vulnerabilities. Kudos to ReMarkable ont his one as auto-updates are enabled by default. However, I'm a huge fan of the "trust but verify" approach when it comes to security controls. Check that employees have auto-updates enabled in the tablets settings to keep them updated to the latest versions to benefit from the latest security enhancements:

1. Tap Menu in the upper-left corner.
2. Tap Settings in the sidebar menu.
3. Under Software, tap Version.
4. Here you'll be able to turn automatic updates on or off.

3. Remarkable Cloud

ReMarkable Cloud is a cloud sync feature used to sync the files between devices. If the tablets are being used soley for business purposes this feature should be disabled as it introduced a DLP (Data Loss Prevention) risk by letting employees transfer their files between non-corporate devices and bypassing your existing DLP controls.

The argument could be made here that the same DLP risk exists with regular paper, however a clean desk policy, employee data handling training and confidential paper shredding facilities are common in most businesses to reduce this risk. If employees are using the tablet for both personal and business use, this is a risk to be considered if your business supports the use of ReMarkable tablets.

4. Training & Awareness

The human element plays a crucial role in security. Train your employees on best practices for using Remarkable tablets securely as well as general data handling best practices like erasing any sensitive data from notes at the end of the day whether paper or digital. Make them the first line of defense against potential breaches. I've seen businesses distributing desktop whiteboards for call centre note taking that are wiped clean at the end of every shift, a very simple but effective solution.

5. Periodic Inspections

Periodically inspecting these settings are still configured as intended is a good way to correct any config drift amongst your ReMarkable tablet users. For privacy reasons this control may only be applicable for businesses that issue ReMarkable tablets for business use only and this was communicated to the employee as one of the conditions for providing the tablet. Although the privacy of your employees needs to be considered, checking these controls can all be done without accessing any of their notes.

Conclusion

The Remarkable tablet can indeed be a remarkable addition to any corporate arsenal, streamlining workflows, boosting efficiency and even adding more security than paper if protected with a passcode. However, embracing this innovation without considering the security implications is akin to inviting a trojan horse within your gates. By implementing the above security controls, you can transform your Remarkable tablet into a resilient guardian of your corporate data, ensuring that elegance and enterprise coexist harmoniously.

If you enjoyed this post, please consider supporting my work through the button below or becoming a free subscriber, it really helps, thank you!

If you're a business and would like to discuss consulting services, you can request a free consultation here: https://www.megabytesandme.com/services/

Thank you!