“iPhone. Whether enterprises are prepared or not, it has arrived,” Brian Prince reports for eWeek.
“It is only natural that IT organizations shiver at the thought of the iPhone endangering their networks, but they will have few options to block its entrance to the enterprise and no recourse but to prepare for it, said Andrew Jaquith, an analyst at Yankee Group,” Prince reports. “‘Regardless of the bloviating prognostications of analysts, journalists or other talking heads—this one included—early-adopter employees and status-seeking managers will smuggle the iPhone…into enterprises of all sizes,’ he said.”
“‘Because of the iPhone’s enterprise suitability—not in spite of it—these employees will place increasing pressure on IT groups to support e-mail, calendaring and intranet application interfaces that work with the iPhone.’ Enterprises can choose to support the iPhone by using open standards for e-mail access, and by configuring their VPN to work with the iPhone’s VPN client, Jaquith said,” Prince reports. “‘Not supporting the iPhone is an option too, but frankly in my view the security issues are not that significant,’ he said.”
Prince reports, “Jaquith said that many of the security worries raised by critics of the iPhone have been exaggerated. ‘Let’s look at the facts. Internet-capable phones have much smaller attack surfaces than desktops,’ he said. ‘Moreover, the iPhone has a much smaller attack surface than the smart phone operating systems it has been often compared with, such as Windows Mobile. The iPhone has no open TCP/IP ports, no removable media, no USB drive functions, no Bluetooth services other than audio, no file system access and no supported native third-party APIs or SDK. If you can’t run third-party code on it, you can’t run hostile code on it either.'”
Full article here.
[Thanks to MacDailyNews Reader “Essence” for the heads up.]
But when are they coming to Denmark?
I don’t get it… What are people afraid of?
Humans are cattle. The same as any other herd animal.
Clearly said.
iPhone security issues were the fabrication of shills.
@TheConfuzed:
They were “afraid” because it was from Apple.
They are afraid of losing control.
They are afraid of someone making it easy.
They are afraid that something might plug and play.
They are afraid management will find out that IT has been recommending hardware/software “solutions” for years that require constant tweaking, fiddling and patching for no reason other than to ensure IT has a position of power and continued job security.
They are afraid management will find out there are real solutions that would allow IT staff to be cut in half.
They are very very afraid of anything that just works.
That is why they love Microsoft so much. MS has never made anything that just works.
“I don’t get it… What are people afraid of?”
IT guys are afraid of what they don’t know..
I am one of them, and I am frustrated that I have to use windows and support windows because the iIT ignorants on the corporate offices do not know how to use any other computer besides windows computer, so we at the local support have to deal with the millions of problems with windows.. the good part is that I have a Mac in my house..
Thats nice, but without ActiveSync support, the IT guy can’t really do anything for us iPhone users. It’s nut just email sync that I need for the office. Need calendar, contacts also through Exchange. Out IT guys are okay with iPhone, but IMAP is not enough.
Has any malware caused any damage on any phone anywhere? The iPod and iPhone are more secure than other phones. The iPod and iPhone can be updated with security patches virtually every day if needs be.
Yes you can steal secret files on any USB jump drive.
Yes you can bring malware into a closed system on any USB jump drive.
Ban USB jump drives, I dare you.
If your Windows machines are unprotected you deserve to have them infected, no matter how the infection gets in.
As a Mac enthusiast, in iPhone owner, and a Windows avoider, I’m still skeptical about this prospect.
One Word: Exchange
MDNMW: standard
Let’s hope to change the standard
The Safari threat is very real.
THe phone can be hacked to add almost any app that can be compiled against the toolchain the bright folks that have been guzzling caffiene since they got their paws on a phone have created.
Hate to say it, concerning the “no third party apps can be installed” concept, but security through obscurity hasn’t worked for “other” OS vendors, and it won’t work for Apple either.
That being said, ‘ll be attending Black Hat with my iPhone and checking out the presentation that is suppose to divulge the details of the attack vector that Apple has been informed of (and will hopefully fix with an update just prior to).
Before ayone screams about you having to join an untrusted network or be stupid enough to click on an unknown link, please remember that the weakest link in ANY system is the link between the brain and the touchscreen (in this case).
With that many sold, there are going to be some idiots and scene whores that are brain dead enough to do just that without a second thought.
That’s it, let the abuse begin…
whata jerk
“The iPhone isn’t a smart phone—a cut-down PC. It’s better to think of it as a grown-up iPod that also allows employees to check e-mail and run Web applications.”
IT guys are not afraid of the iPhone.
Get over that stereotype. It’s as much a stupid stereotype as calling Mac users cultish, though lately we’re looking more and more like a cult willing to forgive anything Apple does.
As an IT guy I have a budget. I have x number of support people per computer user. I have these people trained to support a fixed number of products. If every Jane, Dick, and Harry runs out, and buys whatever mobile device they want, it’s freaking chaos.
I’m an independent consultant. I can’t begin to relate to you the sheer number of dumbass iPhone calls I’m getting from clients every freaking day.
IT guy don’t have time for that crap, let alone the security issues, and face it, the iPhone is not a secur device (yet).
If I were back to being an IT Director with say 10 guys for a thousand users, I’d tell people we don’t support the iPhone, or for that matter 99% of all the other smartphones out there. We probably have a whole Blackberry infrastructure set up and that’s what we support.
If you buy an Iphone, great, let me play with it! But don’t expect official support from IT or access to corporate services with it, (not that it could do it anyway.)
The freaking phone is less than a month released.
I denied my first request to allow an iPhone to sync with our corporate Exchange server. As a Mac & Apple fan, it pained me to do it.
It had absolutely nothing to do with fear, but because I have no way to lock it down for HIPAA compliance (an important part of my company’s industry). The same can not be said of Windows Mobile and Blackberry devices. When Apple develops an administrator’s toolkit, it might be a different story. Unfortunately, it’s not there yet.
Better word: “Leopard”
Actually Leopard Server. With Leopard comes a completely redesigned colaboration suite in Mail, long overdue iCal Server and a new ore-confined Wiki-Server. These three elements will go a long way towards relieving the lack of Exchange functionality in Mac environments. With that in place communication and even syncing between Exchange and these new Mac collaboration tools shouldn’t be far behind.
Four weeks later, I still can’t get my my IMAP enabled Win 2000 server to work with my iPhone. There seems to be a known bug with some versions of Exchange recognizing IMAP security verification. The fix evidently is to edit registry some files on the server. Too scary for me to do myself. I have to wait for my IT guy to get back from vacation.
Windows registries: yet one more reason to buy a Mac.
I’m an IT guy. And we already have iPhones on our network.
What, me worry?
@ Chris,
Health Information Privacy??? That’s BS, and you know it. An administrator tool kit is just a placebo designed to make you think that data on a hand held is secure. Anyone seriously interested in getting at the data can and will get it before you can begin to think about deleting it. All they have to do is get hold of the device. It doesn’t matter who made it.
At my organization (about 130 people) the only two guys with iPhones ARE the IT guys! All the Execs etc are still Blackberry/Treo and carrying two phones. Here the IT guys are ahead of the curve and are as motivated as anyone to get it on the network. The IT guys love gadgets and loved the dual boot MBPro, so iPhone wasn’t a problem.
@Chris2
I can’t lock the device down like I can with a Blackberry or a Windows Mobile device. I can’t set the device to lock itself after a certain period of inactivity. I can’t force the user to password protect it and/or change their password on a regular basis. I can’t ensure that password is strong. In short, although I can never guarantee that information is 100% protected, I can’t even make any reasonable measure to ensure the device is protected to some extent. I CAN do that with one of the aforementioned devices.
Ok IT dork. Get out of the Klingon outfit, come up from your mom’s basement, stop surfing porn…get with the program. Ok ?
The only thing that Apple needs to do is get ActiveSync in the iPhone. I bet 90% of the IT people who were quick to say no to iPhone will be good with it.
My bro is a tech for the state of Texas. He has to put up with Micros**t products all the little long day.
He used to be a Mac-mocker and he used to impugn their value and overall usefulness.
Used to be.
He went from windows to Linux at home and now has settled on which platform? That’s right – Mac OS X.
I love my brother.
@theloniousMac
I also am an IT guy with a major company, I have my own personal iPhone, but I also have to carry around my work Blackberry. Why because it was here first, and that is what the company has paid for and continues to pay for. I would love to have iphones on my network, now do I have the support of the company. ie $, $ and more $. Your telling me i have to buy now 5,000+ new iPhones, get rid of my Blackberry server and allow your iphone to be the #1 device. I am sure the budget is just overflowing with extra Cash the company wants to spend. If you buy your iphone, Like me, then take the time to learn it dont expect me to teach you. And dont get all butt hurt cause you are too stupid to sync it with your Internet explorer and your contacts. I have a mac, and it is easy, if you want it easy buy a mac, dont come and ask me to install itunes on your work computer so you can download games and movies over the networkl. (which people have done)
The problem as theloniousMac said,
is not IT the problem is the users, and the money that comes with it. I wish i could buy macs for the whole worldwide company i work at, and give all iphones, and access it would be the life! but come on be serious, $ is $ and your talking about cutting our loses and starting all over. Not to mention we have a contract with BlackBerry that would need to be broken.
Our problem with the iPhone is lack of encryption, and no central managment ability. We don’t want our people carryin around company email on their unencryped iPhone. Without central management we can’t ensure all iPhones have the latest software/patches.
We have blocked the iPhone from syncing with our computers on our networks to prevent users from syncing their email, calendars, contacts, etc.
IfApple offers enterprise central management, and encryption for the iPhone we’ll take another look at it.
Saying all that, the iPhone is no more of a risk then any other smart phone. Why we have our shorts in a bunch over the iPhone and not other smart phones is a mystery.