Are iPhone encryption features on the way?

The iPhone should not be considered part of a secure mobile email environment. I believe Apple is working hard to improve its security and remote manageability right now, but today it is not suitable.

If an iPhone synced with an Exchange server is lost, there is currently no way to remotely wipe the device, or otherwise disable it, other than by changing domain credentials and contacting your telephone company to block the SIM card identifying the mobile user.

Download this free guide

Computer Weekly's Buyer's Guide to GDPR Part 2

In this 12-page buyer’s guide, we look at the tools that could be used for compliance, the incentive to create a smarter, leaner business, and the myths surrounding the new rules.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

The stored data is not suitably protected by iPhone encryption, so any locally stored data (email and attachments, for example) is potentially accessible by the thief. Recent versions offer '10 strikes and wipe' for device passwords. This feature, though rarely implemented, allows the iPhone to wipe its user memory if too many incorrect PIN/passwords are entered. The BlackBerry has had the wipe function for a very long time, and Windows Mobile devices have had it more recently.

It is also trivial to spoof an OpenZone wireless access point and convince an iPhone user to part with their domain credentials over the air.

Several important vulnerabilities have been found in the iPhone, including some as part of the 50-vulnerability roll up patch released recently.

By contrast, BlackBerry and (to a degree) the Windows Mobile operating system offer significantly better remote management. This is why the BlackBerry is accredited for use in certain protectively marked environments as an enterprise mobile device. For instance, the Blackberry Enterprise Server (BES) offers the ability to manage almost every feature of a BlackBerry device remotely, including remote wipe. This is ideal for the corporate environment, where a lost/stolen device could lead to data theft. More recently, Windows Mobile devices have become almost as manageable remotely, without the need for an expensive BES.