Outfitting the iPhone for business
(This article is reprinted from InfoWorld.com, an IDG sister site.)
You've heard it all before. The CEO buys an iPhone, falls in love, and leans on IT to shift its stack of tasks to make work-enabling his new gadget IT Priority No. 1.
But as IT departments scramble to sync e-mail and slap together Web apps for Safari-based iPhone access, the question remains: Can Apple's ear-candy crush object draft off this executive effect to true enterprise mobile legitimacy, or are execs' iPhone fetishes jeopardizing the integrity of their company's mobile strategy?
Here we examine the iPhone ecosystem's evolving backdoor bid for enterprise, one that pits security concerns, vendor intentions, and gadget affinities against caution-minded enterprise IT.
Executive inroads to the enterprise
A midsize company providing inventory supply services to schools, government facilities, and other institutions across the United States was perfectly happy with its mobile Palm-based inventory software until the CEO and other high-level execs purchased their own iPhones.
"Suddenly, they were saying, 'Hey, this is really nice,' and reevaluating their whole handheld strategy," says Ben Gottlieb, president of Stand Alone, which provides business inventory software and consulting services to the aforementioned inventory supplier. "Then came the questions about where the Palm OS was headed and whether their inventory application could be iPhone-enabled."
Mark Russell, vice president of sales and marketing at U-Line, a Milwaukee-based manufacturer of under-counter icemakers and refrigerators, had an iPhone for fun and a Nokia E70 for work until he accidentally crushed the Nokia device in his mother-in-law's recliner. Instead of getting a new E70, he asked IT to sync his iPhone with the corporate Exchange server.
"Our IT guy was nervous at first, but when Visto added iPhone capability to its Visto Enterprise Server, he gave it a try," Russell says, referring to the mobile messaging service provider, Visto. U-Line was already using Visto to sync its smartphones with Exchange.
Russell is perfectly happy with his business iPhone and has no intention of repurchasing the Nokia or any other device. And according to Daniel Koshute, U-Line systems administrator, several other employees are ready to make the switch as well.
The above examples are not unique. Like the PDAs, USB storage devices, and Wi-Fi devices that came before it, the iPhone is pushing its way through the side door of today's enterprises, thanks to a sexy interface, a superior mobile browser, and executive pressure.
"Apple has definitely achieved its goal of making you smile every time you press a keystroke," says Ken Dulaney, an analyst at Gartner.
And it's precisely that smile that has enterprise IT nervous. After all, Apple has very openly targeted the iPhone as a consumer device, doing little to enable it with the security, management, and other features the typical enterprise IT department demands from any mobile platform it supports. Not to mention that Apple's enterprise sales and support -- or lack thereof -- have not exactly endeared the company to the enterprise in the past. Yet analysts and vendors of smartphone software report that enterprise demand for the iPhone is rising.
"When the iPhone came out, we had a surge of enterprise IT customers asking when we would support it," says Senthil Krishnapillai, director of product management for Sybase iAnywhere, which will soon offer an iPhone enterprise e-mail syncing solution. "They told us that management was asking for it."
"We're definitely seeing enterprise interest in the iPhone, mostly driven by executives and rogue users, rather than IT," says Matt Parks, director of product management at Visto, which recently introduced iPhone/Exchange/Domino syncing for its Visto Mobile Enterprise server.
IT in the crosshairs
Perhaps most disturbing to IT is the security quandary it faces in supporting the iPhone.
"An enterprise must ensure that whatever device comes into the environment doesn't breach any of the security policies it has in place," Dulaney says. "Otherwise, they have two choices: Be a hypocrite, or lower their overall investment in security because one breach, no matter how small, is a breach after all."
Although it does come with VPN capability, the iPhone's built-in security just doesn't measure up to those of its more enterprise-focused BlackBerry and Windows Mobile competitors.
"Most enterprises cite two must-have security features for any supported mobile device: the ability to force the user to create a complex power-on password, and the ability to wipe out the data on the device remotely if it's lost," Dulaney says. "In order to do that, you need the right hooks in the firmware, which Apple doesn't provide."
And because they aren't yet in the firmware, software vendors that support the iPhone, including Visto and Sybase, can't offer those capabilities.
Other security, usability, and management issues are also conspiring to ensure that the iPhone will not dominate the enterprise any time soon.
As opposed to the BlackBerry, the iPhone doesn't provide any inherent firewall or data encryption. Now holding up to 16GB, the iPhone's storage capacity gives IT jitters because it can be used to steal large amounts of data from an unprotected PC. Moreover, the iPhone comes with a built-in camera, which many IT departments do not allow as a matter of policy.
"One of the things that really scares me, particularly with government agencies, is that Apple's core iPhone framework allows it to take pictures or video and record sound without any flashing light or other indicator that anything is happening," says Jonathan Zdziarski, research scientist for a security vendor and author of iPhone Open Application Development, which explains how to develop iPhone applications using Objective-C and an open source, community-developed iPhone toolkit.
"This lets Joe Hacker create software that can secretly eavesdrop on conversations and record video, then send the audio or video file anywhere over the network," Zdziarski says.
Apple could prevent such hacks by requiring the user to visually authenticate an application's ability to access the camera or microphone much like Leopard does for applications that want to listen for incoming connections, Zdziarski adds.
Others have taken issue with the fact that the iPhone is based on the OS X operating system and Safari Web browser, both of which have been around long enough for hackers to know how to exploit. Yet, at the same time, it's a closed system, at least until Apple releases a native SDK in late February or early March, so security software vendors are unable to provide protection software for it.