The simple facts are these: Unlike its main smartphone competitors, Apple does not offer large organizations a set of centralized application software controls to push applications and policies to the iPhone or to control the device's applications. Although Apple offers the free iPhone Configuration Utility for setup, security, and policy management, it's nothing like the BlackBerry Enterprise Server (BES), Microsoft System Center Mobile Device Manager, Nokia Intellisync Device Management, or Motorola Good Mobile Suite that enterprises are used to having.
Bob Egan, chief analyst at the Tower Group, says there is virtually no security and management inherent in the iPhone that he would consider enterprise-class.
[ What's the iPhone missing for the enterprise? InfoWorld finds a baker's dozen in omissions. ]
Apple hasn't completely ignored the enterprise
However, that's not to say Apple has taken no steps at all to satisfy consumer cravings to use the device at work. For example, in the first version of the iPhone, a user could not synchronize e-mail, so road warriors who read and deleted messages on their iPhones had to delete the same missives when they got back to the office. This was also true of calendar entries. But iPhone OS 2.x supports Microsoft ActiveSync, allowing e-mail synchronization with Exchange, and IBM has added a similar capability to the iPhone for Lotus Notes users.
The ability to wipe out all data remotely -- and thus remove a major security fear -- was also added to iPhone OS 2.x.
However, one of the primary benefits of BES is the ability to install applications remotely. Although Apple has promised business users this capability, so far it is still all about using iTunes as the way station. IT can install custom programs into employees' iPhones without having to publish the software through Apple's App Store, but doing so requires each iPhone user to be cabled to the desktop for the transfer.
"The iPhone has a consumer distribution model for applications that Apple has been successful at, but it is not aligned with how enterprises buy, qualify, and maintain applications. The distribution model is broken," says Egan.
Third-party management solutions are available
With no enterprise-class management system from Apple, independent software developers have begun to target specific management and security areas.
For example, Astaro announced an alternative to the Cisco VPN solution built into iPhone OS 2.x. In a typical heterogeneous network environment, the Cisco tie-in meant that iPhones could only talk to servers enabled with Cisco VPN software, which not all companies use.
Purewire offers some security control as well. It configures a proxy for the iPhone so that e-mail and Web connections initiated by a user are first sent to its datacenter, where Purewire enforces policies created by IT. It also offers its own anti-virus tools to block malicious scripts hiding within Web sites.
And Zenprise provides a troubleshooting tool for the iPhone that monitors and fixes user issues, such as not getting e-mail or calendar entries on the iPhone.
Security issues will only get trickier
Richard Stiennon, chief research analyst with IT-Harvest, agrees that the current iPhone security and management tools aren't up to snuff. The problem will only get worse due to the iPhone's use of open APIs, which help them interact better with other tools and services, but also open paths for malware. "The open, or even partially open, APIs cannot be easily secured," he says.
Steinnon expects security vendors to offer more, and more capable, tools as user demand for the iPhone forces businesses to bring them in. That's true not just for the iPhone but for all mobile devices designed primarily for consumers, such as the Google Android platform, he notes. That's pretty much everything but the BlackBerry and perhaps Windows Mobile.
Skeptics maintain that the iPhone is no more than a toy
Tower Group's Egan sees such point tools for business iPhone management as Trojan horses that IT should be wary of. The availability of such tools mislead enterprise users into thinking the iPhone is compatible with enterprise-class security and compliance needs, when it is not. "The minute you try and interact and deploy management and security and qualify applications on a large scale, there's nothing there," he says.
Egan says enterprises make platform decisions that are not typically driven by the usability of a single device. Until Apple is willing to talk about its long-term enterprise strategy or compliance, management, and security, he calls the iPhone a one-trick pony.