Whether IT likes it or not, the iPhone is being brought into the enterprise. Even though many enterprises have banned the iPhone, many others have also simply turned a blind eye to its use. And although it’s relatively easy to enforce an iPhone ban, it becomes more difficult when the CEO requests IT to support his iPhone. Given that the iPhone now has out-of-the-box integration with Microsoft Exchange, some organizations have recognized that they have the ability to enforce security policies and even remotely wipe the data on a lost or stolen iPhone. However, even that isn’t enough for some enterprises.
Enhance security
The iPhone OS 2.0 brought with it some significant security improvements, including the ability to enforce logon passwords, utilize Cisco IPSec VPNs, and remotely wipe data from a lost or stolen device. Even so, iPhone security doesn’t come close to the security provided by Microsoft System Center Mobile Device Manager (for Windows Mobile smartphones) or RIM BES Server (for the RIM BlackBerry). In addition, due to Apple’s tight control of third-party software developers, security vendors have their hands severely tied and there is very little in the way of third-party products to enhance the security of the iPhone.
Improve manageability
Apple currently provides a tool called the iPhone configuration utility that allows IT to create configuration profiles that contain e-mail, Wi-Fi, VPN, and other basic settings to provision devices. Unfortunately, there are two very serious limitations to this tool. First, there is no way to bulk deploy the profiles—the user or IT worker has to manually configure each device to use the profile, which can be difficult and time consuming. Secondly, there is no way to enforce the usage of the configuration profile.
Policies can be enforced and managed remotely through the use of Microsoft Exchange and ActiveSync. But that still leaves out enterprises using Lotus Notes or other messaging platforms. Fortunately, recent developments, including the licensing of ActiveSync by Google, potentially position ActiveSync to become much more of an industry-wide standard, independent of Exchange. This will give enterprises more device and platform options while maintaining consistent management and controls.
Give developers more control
In an effort to ensure a consistent user experience, Apple has placed very strict controls upon what developers can access within the iPhone through the SDK, as well as the types and content of applications that are distributed through the App Store. Additionally, every new release or update of an app must be approved by Apple for distribution. Apple does provide an enterprise App Store distribution model. But this leaves a lot to be desired because it also still requires manual configuration and installation of applications on each device. According to Apple, it’s only available to enterprises with hundreds of devices. This means that organizations needing smaller deployments of custom applications must rely on Ad Hoc distribution. Unfortunately, this is limited to 100 devices or less and users experience with Ad Hoc distribution is reportedly quite poor.
While we can understand why Apple would want to limit what developers can do with SDK, enterprise developers don’t like the limitations Apple places upon them. For instance, they do not allow them to develop applications to run in the background (although many of Apple’s own applications do run in the background), and they can’t create apps that access information outside of the application’s own “sandbox” (like accessing telephony events or the call log which is necessary for some kinds of billing and time tracking applications).
iPhone momentum
Nobody can deny that Apple has changed the mobile and wireless industry forever. What remains to be determined is how those changes will be incorporated into the enterprise and how long it will take. There are a handful of enterprise customers that have publicly announced internal deployments of the iPhone, including Kraft Foods, Sonnenschein Nath & Rosenthal LLP, Trek Bikes, and SI International. In addition, other firms are privately conducting internal pilot deployments.
Other deployments are sure to follow, but it remains to be seen whether Apple can seriously dent RIM and Microsoft’s enterprise market share.
