iPhone

Insecure iPhone gets the cold shoulder in corporate IT


The iPhone is drawing criticism from IT pros for its poor integration into corporate secure e-mail systems, and that may outweigh Apple's short term gains yesterday with the 'longer battery life' announcement.

A Wall Street Journal article points to the lack of clients for Blackberry and other secure servers, and it notes Cupertino's concept to reach into business markets are a leap into territory where Apple doesn't have a lot of strength. The article lists corporate reluctant to allow iPhones onto their e-mail nets, because the only known method for e-mail from an iPhone uses IMAP, and the attendant security risks have a chilling effect on the cool new device.

Yes, it may be geekalicious and have AJAX support, but if it exposes company data to unauthorized eyes, how could it sell into the Fortune nnnn world, where Apple wants badly to reach?

Tell us what you hear about the iPhone in the boardroom. Join the discussion.

10 comments
IT Generalist
IT Generalist

I think it would greatly help Apple to make iPhone more compatible with the existing email technology that way users can easly compare iPhone against other PDA devices on their existing communication infrastructure rather than taking the pain to setup something totaly new. With this strategy of trying to be different, Apple may loose the oppurtunity to put it's foot in the door. Another things is that it is only available through AT&T which is kind of dissapointing because I have just signed up with T-Mobile and I wouldn't want to pay a panelty to switch to AT&T, on top of the price tag of $499 to try this device out.

debonairone
debonairone

Not sure about everyone else, but my customers would not benefit from a device that is touchscreen only... In corporate america, we usually see devices shoved in pockets with change, or in purses with keys, I think you already see my point... I am a little hesitant about deploying a device that has such a glaring deficiency (when taking corporate users into account, since they usually don't bear the cost directly...).

NOW LEFT TR
NOW LEFT TR

Touch them perhaps?

NOW LEFT TR
NOW LEFT TR

What is the difference being a TS or having keys?

debonairone
debonairone

If I have a touchscreen only device, I want to avoid keys (housekeys, carkeys, churchkeys, etc...) or anything else that can scratch the device or severely impact it causing damage to the display...

onephatcat
onephatcat

First of all, do any 2007 email servers still have this vulnerability? The IMAP insecurity is circa 1997, ten years old. So one would presume (but not assume) that that problem has been fixed sometime in the last decade and is no longer an issue. Secondly, wouldn't it be prudent to run IMAP over SSL? My Treo 750p has no problem doing IMAP over SSL. If your users want to use the iPhone, you should listen to them and try to make them happy, and keep your organization as secure as possible. Remember they are your customers.

K7AAY
K7AAY

Has the security risk of IMAP-only e-mail from iPhones yet hit your Chief Security Officer, or is the iPhone still riding the wave of the famed Jobs Reality Distortion Field? Tell us what you hear when the conversation turns to "Am I safe?"

Fil0403
Fil0403

No, the security risk of IMAP-only e-mail from iPhones hasn't yet hit my Chief Security Officer, but, if I had one and he would be doing his job correctly and professionally, it certainly would and the iPhone (and any other Apple product with the exception of the iPod - IMHO the only trully good and worthy of the hype Apple product) has never been riding the wave of the famed Jobs Reality Distortion Field on my mind.

mystiquesyst
mystiquesyst

but if you watch the intro from January - the IPHONE uses IMAP and POP.

Fil0403
Fil0403

What makes the iPhone unsecure is not the absence (or nor) of POP support, but the lack of email features and capabilities, namely support for 3rd party synchronization technology that allow users to encrypt their e-mails for secure transmission and update their contacts, calendar and tasks wirelessly rather than the next time when they physically connect with their PC.