iPhone: Enterprise-worthy, perhaps, but secure enough for feds?

iPhone Version 3.1 offers greater security, but some doubt that it’s secure enough for widespread government use

Some of Apple’s recent modifications to the iPhone operating system have made the iPhone enterprise-worthy, according to some network analysts. But it still may be too unsecure for some federal customers.

The first iteration of the iPhone software, back in July 2007, had no corporate e-mail or security support, said Ted Schadler, an analyst with Forrester Research. But two years later, iPhone Version 3.0 offered much more enterprise support for security and policy administration, he said. It allows organizations to turn the iPhone’s camera off and to require stronger password protection, Schadler said.

Then, this October, iPhone Version 3.1 fixed some additional lingering security problems. One of the remaining security stumbling blocks for the iPhone is that application management — the ability to push software updates to an iPhone to make sure that new applications or policies are installed — does not exist. Research in Motion’s BlackBerry had this capability from the start, and information technology departments are notorious for wanting this sort of control down to the device level. But iPhone users have to update their software using iTunes or the iPhone Configuration Utility, Schadler said.

Schadler says that some government agencies, those without classified networks or extremely sensitive information, might want to consider adopting the iPhone for enterprise use.

Not so fast, says Martha Vazquez, a network security research analyst for Frost & Sullivan. Though the iPhone “may have raised the bar enough to enter the enterprise, we believe that it falls short of meeting government requirements, such as FIPS [Federal Information Processing Standard] 140-2 certifications and other common criteria that are needed," she said.

BlackBerry, by contrast, has more than 450 policies that let IT departments control what users can do on their BlackBerry devices, Vazquez said. Further, BlackBerry security features such as code signing—the process of digitally signing executables and scripts to confirm software authorship and integrity — are not available on the iPhone. Nor does the iPhone allow for the installation of anti-malware software, Vazquez said.

About the Author

Trudy Walsh is a senior writer for GCN.

Featured

  • Cybersecurity
    malware detection (Alexander Yakimov/Shutterstock.com)

    Microsoft targets copycat influence websites

    Microsoft went to court to take down websites it believes to be part of a foreign intelligence operation targeting conservative think tanks and the U.S. Senate.

  • Cybersecurity
    secure network

    FAA explores shifting its network to FISMA high

    The Federal Aviation Administration is exploring an upgrade to the information security categorization of IT systems as part of air traffic control modernization.

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.