IPhone features slowly woo enterprise skeptics

Despite new features, device still a long way from the BlackBerry, experts say

With the iPhone’s newly announced enterprise features generating considerable buzz, some analysts have softened their skepticism about its potential as a corporate device, but not nearly enough to recommend it over the BlackBerry.

With the iPhone's newly announced enterprise features generating considerable buzz, some analysts have softened their skepticism about its potential as a corporate device, but not nearly enough to recommend it over Research in Motion's BlackBerry.

The features were unwrapped during a media conference at Apple's San Francisco headquarters last week, where the company announced that iPhone users would soon have access to Microsoft's Exchange ActiveSync, a licensed data synchronization protocol whose built-in support will give IT departments the ability to set password policies, set up VPN settings and perform remote data wipes on iPhones that have been lost or stolen. Apple also said that the iPhone would soon have access to Cisco IPsec VPN, which the company says will "ensure the highest level of IP-based encryption available for transmission of sensitive corporate data." Finally, Apple said it would let iPhone users make VoIP calls over Wi-Fi connections, a move that could potentially be a money-saver for companies by reducing the number of cellular minutes used per month.

The new features were seemingly developed in response to some analysts who had warned IT departments to not allow the iPhone to connect to their networks because it had no way to deliver secure corporate e-mail or to encrypt data sent and received through the device. Phil Schiller, Apple's senior vice president of marketing, acknowledged these concerns last week and said the new features were a reflection of what Apple customers have told the company would make the device enterprise-worthy.

How the iPhone stacks up to competition

Gartner analyst Ken Dulaney, who had initially advised IT departments against allowing the iPhone onto their networks, says Gartner will be releasing a report on the iPhone's enterprise potential in the near future and it appears to have met the research firm's minimal requirements to qualify for enterprise support. While Dulaney emphasizes that no formal conclusions have yet been made, he says the iPhone's new device-wipe ability, as well as its ability to enforce the use of complex passwords, will help it meet basic corporate security standards.

But while these features represent a definite step forward in expanding the iPhone's reach beyond the consumer market, Dulaney says it still has a long way to go before it's in the same class as the BlackBerry, which is currently the standard for mobile enterprise devices. He says the BlackBerry has a larger array of security policies, such as the ability for IT departments to disable the its digital cameras; to enable or shut down specific Bluetooth profiles and set how long the device is "discoverable" using Bluetooth; and to define which applications on a BlackBerry can access GPS capabilities. For companies that don't have overly stringent security requirements, the iPhone may be fine, Dulaney says. But for professionals who require high levels of security, such as government employees or stock traders, he says that the BlackBerry is still the best choice.

Andrew Storms, director of security operations at the San Francisco-based software vendor nCircle, also thinks the iPhone has a long way to go before matching the BlackBerry. In particular, he thinks one of BlackBerry's big assets is that it routes all of its data through an intermediary server at RIM's network operations center (NOC) in Canada, whereas the iPhone's Microsoft ActiveSync approach is a direct push technology that requires no intermediary servers.

These two methods of sending data became a point of contention during last week's iPhone press event, when Apple CEO Steve Jobs touted the iPhone's direct push approach by implying that BlackBerry users' e-mail messages could be vulnerable to hackers while being routed through RIM's NOC. But Storms believes Jobs' assessment of BlackBerry's security infrastructure misses that mark. Instead of seeing the NOC approach as a burden, Storms writes, BlackBerry enterprise managers see the Blackberry Enterprise server — the software that sits on the corporate network, receives e-mails from the company's Exchange or Lotus e-mail server and forwards those e-mails in an encrypted tunnel to one of the NOCs —as "a full-fledged necessary component of the overall mobile device risk management solution."

Dulaney shares Storms' view that the NOC is a feather in RIM's cap, because it lets the company connect its BlackBerry devices to hundreds of wireless carriers around the world. While he acknowledges that the iPhone's more direct approach to sending e-mail may be less expensive than BlackBerry's NOC approach, he notes that the iPhone is limited by the fact that it uses only one carrier in the United States (AT&T), whereas BlackBerry is supported by all four U.S. major carriers (AT&T, Verizon, Sprint Nextel and T-Mobile) and hundreds of carriers worldwide. Global companies that have to rely on multiple carriers for their services should stick with the BlackBerry as their standard enterprise wireless device, he says.

Another advantage that RIM still has over the iPhone, says Yankee Group analyst Nate Dyer, is that Apple has traditionally been a consumer-oriented company and hasn't yet branched out enough to create partnerships with vendors in the enterprise mobile platform ecosystem. A new Yankee Group study, for instance, shows that the iPhone has "little-to-no" partnerships among systems integrators and has "minimal" partnerships with application vendors, hardware vendors and mobile operators. The BlackBerry and Microsoft's Windows Mobile on the other hand, had either "positive" or "strong" partnerships with hardware and applications vendors, mobile operators and systems integrators.

"Granted, it's still early days of Apple's enterprise strategy, but it still takes years to cultivate these partnerships," Dyer says.

But even with these drawbacks, Dyer thinks the iPhone has a bright future in enterprise. While it may never have the thoroughness of RIM's security infrastructure or its broad access to hundreds of carriers worldwide, he sees a definite trend toward more businesses adopting popular consumer devices for their workers. And though the iPhone may not be for every company, he says its high-quality mobile Internet browsing experience could make it particularly popular for mobile workers who need travel information, corporate e-mail access and even regular traffic reports. As more workers look to bring popular consumer devices to work with them, he says, IT departments will have to figure out ways to accommodate them.

"IT departments can't just ignore this behavior; they have to adapt to it," he says. "It's important to point out that there's a significant rise in consumer tools that are used for business purposes… enterprise technology departments have been guilty for several years of putting IT's needs ahead of the user's, and I think it's time for them to think more about how to make the user experience easier."

Storms, however, has yet to be fully convinced and is taking a more skeptical approach to the iPhone's potential as a corporate device.

Whatever might happen, myself like hundreds of other security managers reached out to our user base [last week]," he writes. "We all sent the predictable e-mail out to the entire company reminding them that… the iPhone still is not yet an approved device."

Learn more about this topic

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2008 IDG Communications, Inc.