Should your IT department support the iPhone?

When the iPhone was first launched in June 2007, it was generally panned by IT managers and systems administrators.

iPhone in the enterprise?

iPhone in the enterprise?

Acceptance and control

If you know or suspect that iPhones are making a stealthy march into your operation, you have a couple of options. First, you can offer an alternative. By providing employees with an alternate smartphone such as a BlackBerry or a Windows Mobile device -- both have great centralized security options -- you can reduce the clamor for the iPhone and at the same time provide a more secure, business-proven solution.

In many cases, however, providing and supporting an alternative phone may not be a viable option. Doing so could be cost-prohibitive, especially if it means setting up a BlackBerry Enterprise Server, an Exchange server or an Exchange alternative. If you're asked to support only a couple of iPhones, it's probably easier to manually configure and restrict them by hand. This is particularly true if high-level managers are the primary users demanding the iPhone.

Here, user education is important. By explaining why devices need to be managed for security reasons and explaining the policies that you've implemented on the managed iPhones, you can at least offer them a rationale for minimizing the use of iPhones in your environment. This may not always be successful in limiting demand, but it's always a good starting point.

If you're forced to make the iPhone more broadly available, you can develop a configuration profile, or a series of profiles, that effectively limit access to iPhone features and applications and enforce needed security options. You can then make these profiles available to users. One advantage of the current iPhone OS is that once a policy is accepted on the device, you can restrict who can remove it.

This can be effective in dealing with both company-owned iPhones as well as personal devices. If you can get support for the idea that employees using a personal iPhone for work means some of its features need to be secured, you can distribute the requisite profiles. This gives you a way to configure and allow access to a wireless network or to other internal resources while at the same time layering on needed security measures.

A key point here is communication. You need to spell out why the iPhone needs to be locked down as much as possible. You may even want to create company-wide policies about what resources users are allowed to access or store on their iPhones. It helps to be willing to entertain the option of an iPhone, even as you also make clear your concerns and provide ways to address them. The bottom line is this: If you're forced to deal with iPhones in your environment, you want as much control and cooperation as possible.

Third-party solutions

While the iPhone Configuration Utility and the profiles that it can apply and enforce provide the best options for mitigating risks, they're not the only options. As I mentioned earlier, if you have an Exchange environment, you can also apply Exchange security policies. They, unlike configuration profiles, can be deployed over the air.

Granted, the entire range of profiles isn't available, but basic ones such as requiring a passcode to unlock the iPhone are available. Exchange also enables remote wipe, making it one of the more powerful options for using an iPhone in the enterprise.

If you don't have Exchange, and don't want to spend money on it, there are a number of less-expensive alternatives -- Kerio MailServer, Zimbra and Communigate Pro -- that still provide the core features of Exchange by licensing Microsoft's ActiveSync.

Another third-party product is Good for Enterprise. This suite allows you to secure not just iPhones, but also Android and Palm WebOS devices such as the Pre and Pixi. Good offers this security by using its own native iPhone application. The app provides much of the same groupware functionality that the iPhone's Mail, Calendar, and Contacts apps provide, but enterprise data is stored in encrypted form and can be remotely wiped from the device when necessary.

This provides better security than even the built-in Exchange support and is relatively easy to configure and manage, though an appropriate collaboration suite such as Exchange or Domino is required. Even with Good, though, you may want to further secure the iPhone using configuration profiles.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags enterprise smartphonesmobilityiPhone 3G Ssmartphones

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ryan Faas

Computerworld (US)
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?