Should your IT department support the iPhone?

When the iPhone was first launched in June 2007, it was generally panned by IT managers and systems administrators.

iPhone in the enterprise?

iPhone in the enterprise?

Acceptance and control

If you know or suspect that iPhones are making a stealthy march into your operation, you have a couple of options. First, you can offer an alternative. By providing employees with an alternate smartphone such as a BlackBerry or a Windows Mobile device -- both have great centralized security options -- you can reduce the clamor for the iPhone and at the same time provide a more secure, business-proven solution.

In many cases, however, providing and supporting an alternative phone may not be a viable option. Doing so could be cost-prohibitive, especially if it means setting up a BlackBerry Enterprise Server, an Exchange server or an Exchange alternative. If you're asked to support only a couple of iPhones, it's probably easier to manually configure and restrict them by hand. This is particularly true if high-level managers are the primary users demanding the iPhone.

Here, user education is important. By explaining why devices need to be managed for security reasons and explaining the policies that you've implemented on the managed iPhones, you can at least offer them a rationale for minimizing the use of iPhones in your environment. This may not always be successful in limiting demand, but it's always a good starting point.

If you're forced to make the iPhone more broadly available, you can develop a configuration profile, or a series of profiles, that effectively limit access to iPhone features and applications and enforce needed security options. You can then make these profiles available to users. One advantage of the current iPhone OS is that once a policy is accepted on the device, you can restrict who can remove it.

This can be effective in dealing with both company-owned iPhones as well as personal devices. If you can get support for the idea that employees using a personal iPhone for work means some of its features need to be secured, you can distribute the requisite profiles. This gives you a way to configure and allow access to a wireless network or to other internal resources while at the same time layering on needed security measures.

A key point here is communication. You need to spell out why the iPhone needs to be locked down as much as possible. You may even want to create company-wide policies about what resources users are allowed to access or store on their iPhones. It helps to be willing to entertain the option of an iPhone, even as you also make clear your concerns and provide ways to address them. The bottom line is this: If you're forced to deal with iPhones in your environment, you want as much control and cooperation as possible.

Third-party solutions

While the iPhone Configuration Utility and the profiles that it can apply and enforce provide the best options for mitigating risks, they're not the only options. As I mentioned earlier, if you have an Exchange environment, you can also apply Exchange security policies. They, unlike configuration profiles, can be deployed over the air.

Granted, the entire range of profiles isn't available, but basic ones such as requiring a passcode to unlock the iPhone are available. Exchange also enables remote wipe, making it one of the more powerful options for using an iPhone in the enterprise.

If you don't have Exchange, and don't want to spend money on it, there are a number of less-expensive alternatives -- Kerio MailServer, Zimbra and Communigate Pro -- that still provide the core features of Exchange by licensing Microsoft's ActiveSync.

Another third-party product is Good for Enterprise. This suite allows you to secure not just iPhones, but also Android and Palm WebOS devices such as the Pre and Pixi. Good offers this security by using its own native iPhone application. The app provides much of the same groupware functionality that the iPhone's Mail, Calendar, and Contacts apps provide, but enterprise data is stored in encrypted form and can be remotely wiped from the device when necessary.

This provides better security than even the built-in Exchange support and is relatively easy to configure and manage, though an appropriate collaboration suite such as Exchange or Domino is required. Even with Good, though, you may want to further secure the iPhone using configuration profiles.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags enterprise smartphonesmobilityiPhone 3G Ssmartphones

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ryan Faas

Computerworld (US)
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?