iPhone’s Security For Business Under Scrutiny Again

RIM, Microsoft Windows and Symbian are “first-class enterprise citizens” but the Apple iPhone and Google’s Android OS don’t make the cut

The presence of Apple iPhones in the enterprise has increased, but the debate about whether the iPhone provides sufficient enterprise-level security continues. While some say it’s possible to manage iPhones within an enterprise, others believe it’s wiser to refrain.

Odyssey Software is in the latter camp. Odyssey’s primary offering is a mobile device management solution, for the Microsoft Windows Mobile platform, called Athena.

Mark Gentile, CEO of Odyssey, is keen to point out the challenges IT faces in managing mobile devices: employees connecting to public networks, the growing variety of devices in the workplace, devices lost in airports and taxis. Even when IT standardizes on a platform and configures each device, said Gentile, “You still hear things like, ‘Oh, my son was using it to play this built-in game… and the e-mail settings on the device somehow got modified.’”

The drift away from approved settings is natural, Gentile told eWEEK, but knowing exactly what assets you have out there, and “having the facilities to maintain the desired configurations, is very important.”

Which is the part where Gentile becomes critical of the iPhone.

“Apple locked out the ability to make [the iPhone] truly enterprise manageable,” said Gentile. “[As far as] communication drift, and understanding what’s on the device — guess what? An ISV can’t do that.”

Apple has a complete list of all the software on an iPhone, but organisations can’t access this, Gentile explained.

“At this point in time, it’s impossible for us to write software to go through the list of applications that are installed on the iPhone because they exist in a type of sandbox — a little protected area — and the information can’t get out to interrogate the device and tell it what’s there,” said Gentile.

Gentile insisted there are security reasons for this — that Apple doesn’t do it merely to be difficult — and also that the new SDK (software development kit) offers a small improvement, enabling a few background tasks to run. Although these, he said, are user-selectable, meaning that users, despite IT’s wishes, can opt out.

“If Apple wants to make this a first-class enterprise citizen, they have to yield a little, or have a certification process, or a mobile operator certification class,” said Gentile.

For e-mail through Microsoft Exchange, calendaring and tasks, Gentile believes the iPhone is fine for enterprise use. “But would I want an iPhone connecting to my secure corporate network? Probably not.”

Android, too, “is sandboxed,” said Gentile, but he pointed to Windows, Symbian and Research In Motion as examples of platforms that enable IT to enforce appropriate levels of policy for the enterprise. Still, he said he’s hopeful about Apple, and mentioned Odyssey has a project in the works that he couldn’t yet discuss.

“I think Apple’s going to come around,” said Gentile. “I think maybe with a little more nudging, they’re going to improve [the SKD] even more.”

With a new Apple iPhone and the Pre from Palm both anticipated for June, Gentile agrees that it’s going to be a tough summer for IT.