The
Apple iPhone lacks encryption, robust central management
capabilities and the ability to integrate with localised
infrastructure making it an
unlikely choice for most businesses, according to analysts
at the Burton Group.
 | | | | | I would love it if our
organisation ran the iPhone for a standard device but there's just
enough missing pieces that it doesn't make sense for us at this
point.
Richard Monson-Haefel,
senior analystBurton
Group |
| | | | | |
| |
|
In an online panel discussion, the analysts said the device is
suitable for consumers to access e-mail, browse the Web and access
Web-based, Ajax-enabled applications. But cheaper devices that
mimic many of the iPhone's features may win out in the enterprise
marketplace of the future.
"The iPhone is unquestionably cool, but the Mac has always been
cool," said Jamie Lewis, CEO and research chair of the Burton
Group. "It's clear that the lines between work and life and the
devices you use in the different roles that you have will continue
to blur."
The iPhone was released in June and since then security
researchers have been clamoring to crack the smartphone's security
features. Since then, flaws were discovered in the Safari browser,
used by the iPhone. In July, a team of security pros at
Baltimore-based Independent Security Evaluators
discovered simple ways of taking complete control of the Apple
iPhone. Other security experts said that iPhone popularity
could
increase mobile phone attacks.
From a security perspective, the iPhone's lack of a centralised
management capability – it currently relies on the iTunes interface
for user management – takes the control of patching and
configuration updates out of the hands of enterprise IT pros. Users
can download security updates from a site provided by Apple.
"There's no way to force a patch or configuration change from a
central place," said Diana Kelley, vice president and service
director at the Burton Group.
Kelley said that the lack of centralised control coupled with
the iPhone's lack of encryption makes it an unlikely choice for
security-conscious enterprises, such as organisations in the
government, healthcare, and financial markets. While Apple makes it
difficult to store files on the iPhone, new software called the
iPhone Drive is available, and indications are that storage could
be made available in the future, making encryption even more
important for the device, Kelley said.
"There are a lot of issues with data leakage and organisations
are saying 'we don't want files being carried on a small device
that we can't control,'" she said.
Many enterprises have been trying to address issues related to
data leakage in the wake of many
high profile data breaches and
stolen laptops containing sensitive
information. Some IT shops are
deploying file encryption on laptops and even
full disk encryption to address the issue, Kelley said.
Still, some analysts believe the iPhone's limited features could
be ideal for many enterprises. Since the phone lacks the ability to
store enterprise data via cut and paste and download features, the
device currently doesn't need encryption, said Bob Blakley, a
principal analyst at the Burton Group.
The iPhone also lacks the ability to enable a user to store
local applications. This could benefit enterprises since end-users
could connect to Ajax-based Web applications, keeping sensitive
data stored on local servers, Blakley said.
"Any Ajax application that an enterprise chooses to develop is
going to be able to present rich information density and
interactions dialogue with the user," he said.
Blakley admitted that future software updates, driven by
consumers, could make the iPhone more prone to data leakage.
Still, Burton Group senior analyst, Richard Monson-Haefel, an
iPhone user, said he is hesitant to recommend use of the iPhone by
most enterprises. The need to store resident applications is
important in some job roles, he said, including field technicians
and service professionals. Even with a fast Internet connection,
downloading schematics and other large amounts of data could be
burdensome, he said.
"Technicians working in the field may need a massive amount of
data … and can't afford to spend time downloading without a fast
pipeline," he said. "I would love it if our organisation ran the
iPhone for a standard device but there's just enough missing pieces
that it doesn't make sense for us at this point."