iPhone: Enterprise-worthy, perhaps, but secure enough for feds?
Connecting state and local government leaders
The latest iPhone operating system is more secure, but doubts linger about whether it can rival the BlackBerry for government-level real security.
Some of Apple’s recent modifications to the iPhone operating system have made the iPhone enterprise-worthy, according to some network analysts. But it still may be too unsecure for some federal customers.
The first iteration of the iPhone software, back in July 2007, had no corporate e-mail or security support, said Ted Schadler, an analyst with Forrester Research. But two years later, iPhone Version 3.0 offered much more enterprise support for security and policy administration, he said. It allows organizations to turn the iPhone’s camera off and to require stronger password protection, Schadler said.
Then, this October, iPhone Version 3.1 fixed some additional lingering security problems. One of the remaining security stumbling blocks for the iPhone is that application management — the ability to push software updates to an iPhone to make sure that new applications or policies are installed — does not exist. Research in Motion’s BlackBerry had this capability from the start, and information technology departments are notorious for wanting this sort of control down to the device level. But iPhone users have to update their software using iTunes or the iPhone Configuration Utility, Schadler said.
Schadler says that some government agencies, those without classified networks or extremely sensitive information, might want to consider adopting the iPhone for enterprise use.
Not so fast, says Martha Vazquez, a network security research analyst for Frost & Sullivan. Though the iPhone “may have raised the bar enough to enter the enterprise, we believe that it falls short of meeting government requirements, such as FIPS [Federal Information Processing Standard] 140-2 certifications and other common criteria that are needed," she said.
BlackBerry, by contrast, has more than 450 policies that let IT departments control what users can do on their BlackBerry devices, Vazquez said. Further, BlackBerry security features such as code signing—the process of digitally signing executables and scripts to confirm software authorship and integrity — are not available on the iPhone. Nor does the iPhone allow for the installation of anti-malware software, Vazquez said.
NEXT STORY: Adobe investigating zero-day PDF vulnerability