If there's any company making mobile safe for business but useful for people, it's Apple. And Apple is making iOS and OS X even safer while remaining truly useful for people in the new content and application management APIs debuting in iOS 7 and OS X 10.9 Mavericks, detailed later in this post. The move will create a huge, positive shift in attitudes about business use of mobile tech, and I daresay PC tech as well, especially as third-party tools and software developers adopt the APIs.
And they will: AirWatch, Centrify, Citrix Systems, Good Technology, MobileIron, MobileSpace, and so on have already announced they will use the technology in their management tools (some are already shipping). In an interesting twist, MobileSpace is also providing similar capability for Android.
[ Galen Gruman describes a smarter approach to mobile security. | Mobile security: iOS vs. Android vs. BlackBerry vs. Windows Phone. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
When Apple adopted Exchange ActiveSync (EAS) and added its own management and security APIs to iOS 4.2 in summer 2010, business joined the mobile revolution. Suddenly, IT could enforce password policies, be confident that on-device encryption was enabled, and even regulate device access to specific Wi-Fi networks, applications, and various services for users where locking down access was a legitimate security need. Over time, Apple has refined those controls in each subsequent iOS version and added many of them to OS X. Google copied the basic APIs for Android, and Samsung enhanced them to be closer to what Apple offers.
Thus, mobile device management (MDM) has become a largely settled issue. It may explain why so many vendors and IT organizations have set their eyes on another fear: loss of control over corporate information, such as email attachments, working documents, and the like. MDM can block access or restrict it to certain apps and network services, but it doesn't manage the content.
The industry response was a slew of proprietary tools that required developers to adopt vendor-specific APIs and use the vendors' own management tools or a handful of tools from partners. Few commercial apps risked committing to one mobile application management (MAM) API, and fewer committed to supporting multiple ones. Few IT organizations have been willing to make such a fundamental development commitment either, realizing that embedding proprietary APIs into their own apps locked them to specific vendors in a young, risky market -- and we all know how rarely companies rework old apps, as all those still-used ActiveX and Internet Explorer-dependent services attest.
Apple's new management APIs largely obviate those proprietary tools. If you adopted them or are planning to, pause now. Pay the $100 to become an Apple developer, learn the Apple APIs, and adopt them in your apps, whether they're for just your business or for public App Store distribution. You can bet that every major mobile management tool will adopt them -- and some system management tools will too, as they also work in OS X apps. Apple provides a common set of APIs all apps can use and all management servers can manage. If you need more than this new baseline, then you should consider proprietary APIs available from vendors such as Apperian, Good Technology, and MobileIron that provide richer, multilayer controls on top of the Apple APIs.
In fact, the new Apple APIs should point the way to make Windows PC's content secure. It's a dirty secret that for all the alarm bells raised over mobile content "loss," the real loss has been from PCs for years, and there's not much one can do about it while keeping them usable. But now Macs can be secured as if they were mobile devices. Perhaps Microsoft will adopt the Apple APIs to make Windows PCs truly securable without compromising usability.