iPhones in the Enterprise: What’s A Company To Do?

iPhones in the Enterprise

Introduction

The Apple iPhone has made a tremendous impact in the mobile computing world. Its muti-touch capacitive interface, innovative hardware features (accelerometer, sensors) and a usable mobile web browsing experience revolutionized mobile computing.

Targeted for consumer use, the first generation iPhone was hardly thought of as having potential for business use. After all, Apple might be a household name but is typically only seen by enterprises in niche areas. However, more and more prosumers (individuals who are professionals as well as consumers) started requesting use of the iPhone in their business roles. The IT folks easily dismissed the device as not ready for corporate use due to the lack of security and management features. This started to change with the release of iPhone OS 2.0.

Good Enough for Enterprise Use?

With iPhone 2.0, Apple made a giant leap towards enterprise adoption with

  • Support for Microsoft Exchange ActiveSync – Email is one of the killer apps in the mobile world, and a significant percentage of enterprise customers are using Microsoft Exchange. In addition, Exchange ActiveSync has become a defacto standard for non-BlackBerry devices and a number of other enterprise email systems (Lotus Notes, Novell GroupWise) have built compatibility with ActiveSync as well. It also supports some key security features such as password policies and remote wipe.
  • VPN Support – The iPhone provided support for PPTP, L2TP/IPSec, and Cisco IPSec. Compatibility with Cisco VPN servers is a huge plus as many companies use Cisco for secure intranet access for their notebook users.
  • Enhanced wireless security capabilities – Apple now supports WPA Enterprise, WPA2 Enterprise, and 802.1X port-based authentication. And it is super-easy to set up compared to some other mobile platforms.

Organizations such as Disney, Genetech, and even the US Army provided video accolades of the iPhone in their everyday activities. Forrester research did a study of three companies (Kraft, Oracle, and Amylin Pharmaceuticals) who have major plans to incorporate the iPhone in their business processes. Even Gartner reversed their original position, pronouncing iPhone 2.0 ready for business (albeit with ‘caveats’).

However, some companies want more. Encryption of the data at rest is a key security feature that many are using for their notebooks. While device encryption does not exist for the iPhone first generation or 3G, it did come with the 3GS model. It is on by default and cannot be turned off. However, the encryption was demonstrated to be vulnerable, leaving companies with some doubt and uncertainty.

Play in the Sandbox

A few vendors have started to offer a ‘sandbox’ approach by offering a native iPhone app for email. This allows the application to implement its own security capabilities more independent of the iPhone OS. Companies such as Sybase (iAnywhere Mobile Office), Good Technology (Good for iPhone), and Excitor (Dynamic Mail Exchange) have applications that can be downloaded from the App Store and used in conjunction with a back-end server.

Some of the benefits of the sandbox approach are:

  • Security is independent of device security – The security features are specific to the application. So if a user decides not to configure a device passcode, the app can still require a passcode. This would enable all models to be used including first generation iPhone.
  • Remote wipe only wipes the app data and not the entire device – This can be of great benefit, especially for individual-liable devices (ILDs). An administrator can remote wipe the corporate email/PIM data while leaving personal content like photos and music intact.
  • They do not use Exchange ActiveSync – Why is this a benefit? Since you can only have one Exchange ActiveSync account, you can get your corporate email using their solution and use solutions like Google Sync for your personal email.
  • Enhanced features – Some offer capabilities beyond those in Exchange ActiveSync such as task synchronization and support for folders.
  • Push email functionality using Appple’s push notification – Before iPhone OS 3.0, you would have had to open the app to check for updated emails. With 3.0, Apple added Push Notification service which send notifications when you receive new emails without having the application running.

However, the solution does have some challenges:

  • It is yet another mobile messaging delivery system – If you already have BlackBerry Enterprise Server (BES) for BlackBerry devices and Exchange ActiveSync you now have a third system to manage, driving up costs and support resources.
  • They may not support some EAS (or iPhone) features – These products may have limited passcode features and may not support zoom in/out or landscape mode.

iPhone OS 4 to the Rescue?

As I was creating this blog entry, on April 8, 2010 Apple reviewed some of the capabilities it would be offering with OS version 4.0. Mainly:

  • Multitasking – This could be a boon to all of the mobile device management vendors which might allow them to create a real MDM client like they do for the other multitasking mobile platforms.
  • Support for Multiple Exchange ActiveSync accounts – Users won’t need to ‘manage’ which account they should use for ActiveSync.
  • Even better data protection – There was not not much information on this.
  • Mobile Device Management – Same as above.

With these features, it would seem to leave the sandbox approach in the dust (pun intended). I would take a wait and see approach to understand if Apple has provided capabilities for MDM vendors to work their magic. I think there will still be good reasons to use the sandbox approach:

  • Some 4.0 features will not be available for some models – Apple has stated that multitasking will not be available for iPhone first generation and 3G. If you need to support all models, 4.0 won’t get you there.
  • The app can be managed independently from the rest of the device – you can secure and wipe the app without disturbing the users other apps.

Epilogue

Enhancements made by Apple as well as tools provided by third party vendors are making the iPhone a more business-ready tool. It may take a while for it to have some of the rich enterprise security and management features of other platforms (if it ever does), but the iPhone has made significant inroads and will continue to play an increasing role in enterprise mobility.

Advertisements
Explore posts in the same categories: iPhone

Tags: , ,

Both comments and pings are currently closed.


%d bloggers like this: