- Microsoft will float cloud OS this month
- Top 16 Chinese iPhoneys
- Pimp your ride: Cool car technology
- Laptop stolen from McCain campaign
- Cisco, Microsoft roll out server, networking appliance
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Value of WDS
Apple Inc.'s iPhone will prove to be a security nightmare to corporate IT when it debuts Friday. Or it may fuel a surge in mobile malware. Or it won't change the security landscape one whit. Take your pick, said security researchers and analysts today.
With details still unclear -- Apple has said next to nothing about iPhone security -- it's no wonder that the device's vulnerabilities are in the eye of the beholder, even if those beholders are professionals who make their living researching vulnerabilities and blocking exploits.
"It's a nightmare for security teams," said Andrew Storms, director of security operations at nCircle Network Security Inc. "What I'm afraid of is that enterprises are going to get pressure from, say, sales, to bring this in. And even if it's not approved, people will try to connect it to their corporate networks. It has no place in the enterprise."
Storm's problem with the iPhone stems from the lack of a security management tool that could enforce company policies about which devices connect to the network and when. "There are no central management tools. If there was a product that integrated with [Mac] OS X Server, it would be a totally different story," said Storms. "Apple has been quiet about enterprise security, so we have to expect and plan for the worst."
Neel Mehta, team lead for Internet Security Systems Inc.'s advanced research group, agreed -- up to a point.
"All the press around the iPhone makes it a very enticing target for hackers," said Mehta, who has forecast malware aimed at the new device will be developed in the near future. "The fact that it runs Mac OS X means that there is a good possibility that vulnerabilities found on the OS will also affect the iPhone. [Hackers] may be able to port the hacks they find on one to the other."
But Mehta also said he sees an upside to iPhone security. One likely boon: the omission of an software developer's kit for the phone. The decision to forgo an SDK and instead force application writers to deliver software and services through the embedded Safari browser may have disappointed developers, but it got a thumbs-up from Mehta.
"The lack of an SDK will limit the development of viruses and worms," he argued. "Without one, it's going to be very challenging [for anyone] to run any software on the iPhone."

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Gartner Research: Hype Cycle for IT Operations Management, 2008.If you are evaluating service management tools, managing emerging technologies such as...
Frontline LAN Troubleshooting GuideThis comprehensive, 115 page guide provides frontline network troubleshooters with practical advice...

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Intelligent Mobility: BlackBerry Technical Seminar 2008The virtual BlackBerry Technical Seminar keeps growing in popularity every year, and we want to...

Companies today are striving to maximize worker productivity by allowing workers to access more...
Comment