iPhone a security one-trick pony?

iphone-jail The iPhone’s entertainment features has resulted in significant pressure on IT departments to support devices which entered enterprise environment via the back door.

Unfortunately, while the iPhone, via its Exchange Activesync implementation, supports some security features like remote wipe, its enterprise feature set is severely limited.

In fact Apple’s pretence at security could be seen as Trojan horses that IT should be wary of, notes Tower Group’s Egan. The availability of such tools mislead enterprise users into thinking the iPhone is compatible with enterprise-class security and compliance needs, when it is not. “The minute you try and interact and deploy management and security and qualify applications on a large scale, there’s nothing there,” he says.

According to Bob Egan, chief analyst at the Tower Group, there is virtually no security and management inherent in the iPhone that he would consider enterprise-class.

While the model of the Appstore and Over the Air application downloads has been very successful, this has not extended to  the valued enterprise ability to push applications to devices.  In fact, to install any enterprise-created application not already in the app store requires plugging the iPhone into iTunes, not exactly enterprise-class software.

“The iPhone has a consumer distribution model for applications that Apple has been successful at, but it is not aligned with how enterprises buy, qualify, and maintain applications. The distribution model is broken,” says Egan.

According to Infoworld, although Apple offers the free iPhone Configuration Utility for setup, security, and policy management, it’s nothing like the BlackBerry Enterprise Server (BES), Microsoft System Center Mobile Device Manager, Nokia Intellisync Device Management, or Motorola Good Mobile Suite that enterprises are used to having.

Apple’s restrictions on 3rd party apps means there is also limited ability for them to patch the holes left by Apple. Software to enable full-device encryption, freely available for older Windows Mobile devices which do not have the feature natively, are not available on the platform, and given Apple’s restrictions may never be.

A further problem is that while Apple places restrictions on the abilities 3rd party applications have, the only enforcement that takes place is via cursory scrutiny during its approval process, meaning a malicious or just over-reaching application with security concerns can easily slip into the market undetected. Richard Stiennon, chief research analyst with IT-Harvest, agrees. “The open, or even partially open, APIs cannot be easily secured,” he says.

Steinnon notes that, unlike BlackBerry and Windows Mobile,  the iPhone and Android OS were designed primarily for consumers.

Egan says enterprises make platform decisions that are not typically driven by the usability of a single device. Until Apple is willing to talk about its long-term enterprise strategy or compliance, management, and security, he calls the iPhone a one-trick pony.

Read more on the iPhone’s enterprise security challenge at Infoworld.com

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.