(This article is reprinted from InfoWorld.com, an IDG sister site.)
You’ve heard it all before. The CEO buys an iPhone, falls in love, and leans on IT to shift its stack of tasks to make work-enabling his new gadget IT Priority No. 1.
But as IT departments scramble to sync e-mail and slap together Web apps for Safari-based iPhone access, the question remains: Can Apple’s ear-candy crush object draft off this executive effect to true enterprise mobile legitimacy, or are execs’ iPhone fetishes jeopardizing the integrity of their company’s mobile strategy?
Here we examine the iPhone ecosystem’s evolving backdoor bid for enterprise, one that pits security concerns, vendor intentions, and gadget affinities against caution-minded enterprise IT.
Executive inroads to the enterprise
A midsize company providing inventory supply services to schools, government facilities, and other institutions across the United States was perfectly happy with its mobile Palm-based inventory software until the CEO and other high-level execs purchased their own iPhones.
“Suddenly, they were saying, ‘Hey, this is really nice,’ and reevaluating their whole handheld strategy,” says Ben Gottlieb, president of Stand Alone, which provides business inventory software and consulting services to the aforementioned inventory supplier. “Then came the questions about where the Palm OS was headed and whether their inventory application could be iPhone-enabled.”
Mark Russell, vice president of sales and marketing at U-Line, a Milwaukee-based manufacturer of under-counter icemakers and refrigerators, had an iPhone for fun and a Nokia E70 for work until he accidentally crushed the Nokia device in his mother-in-law’s recliner. Instead of getting a new E70, he asked IT to sync his iPhone with the corporate Exchange server.
“Our IT guy was nervous at first, but when Visto added iPhone capability to its Visto Enterprise Server, he gave it a try,” Russell says, referring to the mobile messaging service provider, Visto. U-Line was already using Visto to sync its smartphones with Exchange.
Russell is perfectly happy with his business iPhone and has no intention of repurchasing the Nokia or any other device. And according to Daniel Koshute, U-Line systems administrator, several other employees are ready to make the switch as well.
The above examples are not unique. Like the PDAs, USB storage devices, and Wi-Fi devices that came before it, the iPhone is pushing its way through the side door of today’s enterprises, thanks to a sexy interface, a superior mobile browser, and executive pressure.
“Apple has definitely achieved its goal of making you smile every time you press a keystroke,” says Ken Dulaney, an analyst at Gartner.
And it’s precisely that smile that has enterprise IT nervous. After all, Apple has very openly targeted the iPhone as a consumer device, doing little to enable it with the security, management, and other features the typical enterprise IT department demands from any mobile platform it supports. Not to mention that Apple’s enterprise sales and support — or lack thereof — have not exactly endeared the company to the enterprise in the past. Yet analysts and vendors of smartphone software report that enterprise demand for the iPhone is rising.
“When the iPhone came out, we had a surge of enterprise IT customers asking when we would support it,” says Senthil Krishnapillai, director of product management for Sybase iAnywhere, which will soon offer an iPhone enterprise e-mail syncing solution. “They told us that management was asking for it.”
“We’re definitely seeing enterprise interest in the iPhone, mostly driven by executives and rogue users, rather than IT,” says Matt Parks, director of product management at Visto, which recently introduced iPhone/Exchange/Domino syncing for its Visto Mobile Enterprise server.
IT in the crosshairs
Perhaps most disturbing to IT is the security quandary it faces in supporting the iPhone.
“An enterprise must ensure that whatever device comes into the environment doesn’t breach any of the security policies it has in place,” Dulaney says. “Otherwise, they have two choices: Be a hypocrite, or lower their overall investment in security because one breach, no matter how small, is a breach after all.”
Although it does come with VPN capability, the iPhone’s built-in security just doesn’t measure up to those of its more enterprise-focused BlackBerry and Windows Mobile competitors.
“Most enterprises cite two must-have security features for any supported mobile device: the ability to force the user to create a complex power-on password, and the ability to wipe out the data on the device remotely if it’s lost,” Dulaney says. “In order to do that, you need the right hooks in the firmware, which Apple doesn’t provide.”
And because they aren’t yet in the firmware, software vendors that support the iPhone, including Visto and Sybase, can’t offer those capabilities.
Other security, usability, and management issues are also conspiring to ensure that the iPhone will not dominate the enterprise any time soon.
As opposed to the BlackBerry, the iPhone doesn’t provide any inherent firewall or data encryption. Now holding up to 16GB, the iPhone’s storage capacity gives IT jitters because it can be used to steal large amounts of data from an unprotected PC. Moreover, the iPhone comes with a built-in camera, which many IT departments do not allow as a matter of policy.
“One of the things that really scares me, particularly with government agencies, is that Apple’s core iPhone framework allows it to take pictures or video and record sound without any flashing light or other indicator that anything is happening,” says Jonathan Zdziarski, research scientist for a security vendor and author of iPhone Open Application Development, which explains how to develop iPhone applications using Objective-C and an open source, community-developed iPhone toolkit.
“This lets Joe Hacker create software that can secretly eavesdrop on conversations and record video, then send the audio or video file anywhere over the network,” Zdziarski says.
Apple could prevent such hacks by requiring the user to visually authenticate an application’s ability to access the camera or microphone much like Leopard does for applications that want to listen for incoming connections, Zdziarski adds.
Others have taken issue with the fact that the iPhone is based on the OS X operating system and Safari Web browser, both of which have been around long enough for hackers to know how to exploit. Yet, at the same time, it’s a closed system, at least until Apple releases a native SDK in late February or early March, so security software vendors are unable to provide protection software for it.
Where’s the road map?
Even when Apple’s SDK comes out, nobody knows whether it will provide the kernel and hardware hooks that security vendors demand. And that brings up another sticking point that enterprises have with Apple: the lack of a publicized road map.
Enterprise IT depends on the technology road maps published by established enterprise vendors such as Intel, Microsoft, IBM, and HP to plan and budget for hardware and software upgrades. Apple’s road maps are a closely held secret.
“Since Apple is primarily a consumer company, they won’t tell you anything until the day of release,” Gartner’s Dulaney says.
In the meantime, according to Zdziarski, some prospective iPhone software vendors and enterprise developers have used the Open Source SDK to get their feet wet. Others, such as NetSuite and Salesforce.com, are taking advantage of AJAX for the Safari browser, but this doesn’t provide the flexibility and access to the OS that a native SDK would provide.
Another sticking point: Apple’s enterprise sales and support staff are minimal, rumored to be in the teens, although Apple would not divulge this information, and Apple has never demonstrated a real commitment to the enterprise, nor does it have any developed enterprise sales channel.
“Apple needs to develop key enterprise partners to help them get past executive appeal and get traction on the IT side, and they simply haven’t done it,” says Sean Ryan, research analyst for mobile enterprise solutions at IDC.
As for management, Apple offers nothing even remotely similar to the centralized device management capabilities offered by RIM or Microsoft. There are no tools for monitoring mobile assets or enforcing corporate software policies, and the iPhone’s reliance on iTunes for activation and software updates just doesn’t sit well with IT, nor does the need to send the iPhone back to Apple for a battery change.
Waiting for the SDK
Finally, until the iPhone SDK allows client software installation on the device, there are several outstanding usability issues. Even with existing corporate e-mail solutions, the iPhone doesn’t offer true push e-mail, but rather syncs with the server once every 15 minutes, an eternity for true e-mail addicts. It also offers no native calendar and contact syncing abilities, so users might miss rescheduled meetings.
Meanwhile, enterprise e-mail sync vendors such as Visto, Sybase, and IBM have implemented work-arounds to cope with the iPhone’s drawbacks. Because the phone provides no data encryption, IBM plans to provide all its Domino access using Safari, with absolutely no e-mail storage on the iPhone itself, according to Kevin Cavanaugh, vice president of Notes and Domino at IBM. Visto and Sybase take advantage of the iPhone e-mail client, but both provide tight control over attachment-download policies. Sybase’s iAnywhere can remove mail data from a lost or stolen iPhone, but not until the next time it syncs with the server.
These vendors and others are waiting anxiously for the SDK, after which a number of security and other iPhone enhancements are expected to be offered by third parties, depending on the depth of access provided by the SDK. Meanwhile, AT&T has begun quietly offering business service plans for the iPhone, starting at US$45 per month, although with no notable business-focused extras, such as corporate e-mail syncing, as of yet.
Still, the iPhone has a long way to go before moving beyond an executive luxury to becoming a true enterprise player. Much of the momentum depends on Apple’s cooperation and an enterprise commitment it has not demonstrated in the past.
“Apple is doing just fine with consumers and businesspeople who purchase the iPhone with their own money,” Dulaney says. “Those two groups make up 85 percent of the 2.5 billion phones out there. What real incentive do they have to screw with the enterprise?”
Reprinted from InfoWorld, an IDG sister site.