Slashdot Mirror

← Back to Stories (view on slashdot.org)

Corporate IT Hanging Up on Apple's iPhone

Posted by Zonk on from the no-soup-for-you dept.

WSJdpatton writes "iPhones can be used for email, but many businesses don't plan to sync them with internal systems used to power Blackberries and Microsoft mobile devices. Employees eager to use the cool new gadget, however, may pressure IT departments to support iPhones even if it means incurring more costs and changing policies. The WSJ reports: 'Incompatible technology has become an increasing problem for businesses as hand-held email and phone devices are evolving into minicomputers that can do such things as download music, take pictures and surf the Web. In the past, businesses have been unwilling to support certain devices, like those with cameras, for instance, because of concerns employees could use them to document company secrets. But these tensions would be magnified if the iPhone is as popular as Apple is hoping and some analysts expect.'"

10 of 380 comments (clear)

  1. Summary of the article. by ozmanjusri · · Score: 4, Informative

    Companies who've locked themselves in to a proprietary email system can't change when a new (and potentially better) product is available.

    --
    "I've got more toys than Teruhisa Kitahara."
    1. Re:Summary of the article. by Helvick · · Score: 4, Informative
      My day job involves creating processes that allow our enterprise to securely build, deploy and manage configurations to mobile devices like mobile phones and blackberry. What I need to do (as any other systems admin does) is to create a repeatable, secure and reliable method of taking control of a physical device, securing it (so data and credentials on that device are safe and my enterprise can authenticate both the device and the user later) and configuring it. When you want to do that for 20000 or more users on five continents over 80 or more cellular providers you really want to be able to fully automate the process. That requires an SDK and a reasonably complete manageability API at the OS level that is available to you.

      Otherwise the option is to go manual. Apart from the near impossibility of getting a user to reliably communicate a device's identity (ie a hardware device ID\Serial number\IMEI number) back into a configuration database you cannot seriously ask normal end users to poke around in config dialogs, changing and tweaking settings and expect everything to work. It can be done but your support desk overhead becomes criminally expensive. I haven't even begun to discuss the difficulties involved in effectively securing the authentication protocols used for your end users services - what are we proposing? Cached user names and passwords? X.509 certificates and mutual authentication? OTP's? If so how do you configure both ends so that you preclude man in the middle attacks and credential stealing?

      Why do we need to authenticate the device? Well what happens when a user loses a device or its stolen? That happens on average twice a day for us worldwide BTW. We revoke the device's access and then provision the user with a new one. To do that we need to be able to auth the devices too. We could get away with not doing that but would end up having to cancel user accounts to remain secure.

      The closed nature of the iPhone precludes the above and that is the reason enterprises are saying that it is not suitable. I think it's going to be a great consumer device and, yes, I want one too but we aren't going to see support and adoption in large organisations that care about security until they provide the tools to manage the platform correctly (or just open it up). If Apple come out with comprehensive configuration subsystem using (for example) OMA-DM via SyncML then things would be looking up.

      Exchange support would be nice but it's not critical at all even for monocultural Microsoft shops. Anyone can write a gateway interface between Exchange and anything else if they want to. It may be proprietary but it isn't closed. That's a very important point here.

  2. Re:Yawn by nevali · · Score: 4, Informative

    MS, to an extent, but mostly RIM.

    I could be wrong, but I was under the distinct impression that the iPhone would do POP3/IMAP4, just like pretty much every other phone released in the past 12-24 months.

  3. Re:Why must we continually re-invent the wheel? by dave420 · · Score: 3, Informative

    Or use Exchange, and then not have to make any sacrifices at all. Businesses don't want to lose the competitive edge they have, so cutting back on functionality, especially functionality as important as group calendars, is a deal-breaker. Exchange isn't re-inventing the wheel, it's clearly better than the solution you suggested, functionality-wise at least. I'm not trolling for MS or anything, it's just that companies don't give a rat's ass about F/OSS (often to their detriment) - they look at feature lists.

  4. Re:Yawn by kingtonm · · Score: 3, Informative

    There's nothing wrong with having well supported proprietry kit, if you're already bound in, just make sure you've got a good handle on the bed you've chosen to lie in. We run exchange here, that means I can sync all my mail and appiontements to my windows mobile device (which I happened to already own). The standard device of issue here is the blackberry. It works well, the firm knows how much it costs to run, upgrade, support and what they get out of it.

    As people move from one firm to another, Crackberrys are so common the transition is often seamless. It's also nice in the fact that because there are so many users, I often overhear the execs and managers discussing tweaks and doing self-support.

    For what it's worth, OTA syncing of mail and calendering is so totally piss poor being, as it is, supported by some of the most conveluted, non standard, standards you've ever seen. Have you ever tried writing anything to use syncML?

  5. This story is 100% BS. by jcr · · Score: 4, Informative

    iPhone works with POP and IMAP. They found a couple of IT drones who hadn't bothered to find out what was involved in supporting the iPhone, and just assumed that they'd have to jump through the same hoops that RIM requires.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  6. Daring Fireball by LKM · · Score: 4, Informative

    John Gruber has an article about this, for those interested.

  7. Re:Yawn by rbanffy · · Score: 4, Informative

    One of the key functions of RIM-style e-mail is that the server tells the phone that it has to download something instead of the phone polling the server if there is something to do. It is useful if you need to be informed of something immediately after the e-mail arrives instead of waiting until the next scheduled contact.

    With reduced cost per megabyte, higher data rates and increased battery life, this is becoming less and less relevant. I am completely happy with my IMAP, mainly because, when I really need to know, my server sends me an SMS that arrives in less than 10 seconds.

    --
    http://www.dieblinkenlights.com
  8. Re:Can I brick an iPhone? by Anonymous Coward · · Score: 3, Informative

    Exactly. People crying about the iPhone supporting POP3 and IMAP are obviously not working in a corporate environment. Getting mail to the phone is the easy part folks. Getting mail to the phone in a way that doesn't drain the battery instantly (push), and in way where the mail can be locked and secured in an instant.. That's the tricky bit. The Blackberry is a good device, but -and make no mistake- Blackberry Enterprise Server is the key to RIM's success. I busted out laughing during last year's keynote when Steve mentioned Yahoo! Mail for push.. WTF?

    Furthermore, people talking about putting tape over the iPhone's camera or those commenting about the camera being the least of the security concerns since the thing has bluetooth or can be attached via USB also don't get it. With BlackBerry Enterprise Server a corporation has the ability to lock that stuff down in the same way as they can lock down a user's computer. I can disable the BlackBerry's camera, bluetooth, usb.. I can push software down to all devices (SUPER convenient during that idiotic change to DST), and I can remove software from all devices. This combined with flawless syncing with our messaging system via push technology is why BlackBerry wins in the corporate environment.

    The iPhone looks sweet as hell, but -in the end- it is just out of place in a serious corporation.

  9. Re:No, it's a *big* problem with mobile devices by hab136 · · Score: 3, Informative

    And the Calendar is what? The Contacts/addressbook is what? The Todo list is what format? The notebook is what format?

    Calendar - iCal/CalDAV (open standard, same as Mozilla's Sunbird)
    Contacts - vCard, open standard
    Todo - iCal again
    Notebook - on the iPod, the notebook is a directory of regular text (.txt) files - I imagine iPhone will do the same.