iPhone

Big banks open up to iPhones as IT consumerization marches on

A new report suggests two big banks could soon allow employee-owned iPhones and Android devices, which would mark a new milestone in the spread of IT consumerization.

In the battle over the consumerization of IT -- employees using their own devices and applications for work tasks -- there has often been what were considered a few safe havens: Government, financial services, and health care. The security and compliance risks were simply too great in those industries to allow consumerization to gain much of a foothold.

However, a new report suggests that two big banks are not only letting Apple iPhones and Android devices in the door in place of the standard-issue BlackBerrys, but are also looking at supporting employee-owned devices.

According to Bloomberg, the IT departments at both JP Morgan Chase and UBS are doing serious tests to prepare for the possibility of allowing bankers to use an iPhone or an Android device rather than a BlackBerry. The Bloomberg report stated:

"JPMorgan is testing for security in batches of a few hundred devices with a decision expected later this year, one of the people familiar with the matter said. JPMorgan would not buy iPhones or Android phones for employees, as it now does with BlackBerrys. Rather, the bank would allow employees to use the devices to send and receive corporate e-mail if they make the purchase themselves, the other person said."

JPMorgan Chase has 220,000 employees worldwide. Meanwhile, Switzerland-based UBS, which as 63,000 employees, is in the same boat, according to Bloomberg:

"UBS doesn't plan to replace the BlackBerrys it issues with iPhones anytime soon, spokesman Jean-Raphael Fontannaz said by telephone from Zurich. Rather, UBS is testing the possibility of allowing employees to use an iPhone or other smartphone to connect to UBS's e-mail system without restricting the private use of the device, he said."

The move to iPhone would not be unprecedented in the financial services industry. In May, Standard Chartered Bank announced that it was migrating 15,000 of its employees from BlackBerry to iPhone.

And, this summer Apple stated that 80% of the Fortune 100 companies had either officially sanctioned the iPhone or were conducting tests.

With these two large banks on the verge of opening up to consumer-owned iPhone and Android handsets, it could mark another milestone in the growing prevalence of IT consumerization. If banks like Chase and UBS are satisfied with the security and compliance of user-owned devices then virtually most organizations could warm up to the idea, other than those that deal with the most sensitive trade secrets or classified information dealing with national security.

About

Jason Hiner is the Global Editor in Chief of TechRepublic and Global Long Form Editor of ZDNet. He is an award-winning journalist who writes about the people, products, and ideas that are revolutionizing the ways we live and work in the 21st century.

19 comments
rscott
rscott

There has to be more to this then let iPhone's into banks. They must have some way of managing the devices and being able to wipe the email. How can they pass compliance. If they don't then this will be a disaster...

The 'G-Man.'
The 'G-Man.'

just as Android is about to take the mantle...

travis.duffy
travis.duffy

How are these companies going to meet regulations with these insecure devices? Android phones have no encryption and iphones have easily cracked weak encryption. Allowing these in the financial sector will create the largest data breach ever.

santeewelding
santeewelding

And big enterprise anything else, settle on the "handset"; not on the hand. Amusing, from here. ______ subject-verb

Mike062
Mike062

When any corporation opens itself up to increased vectors of attack and when (not if) breaches occur who will be held responsible. The C-levels who emotionally demanded iPhones and Android devices are allowed access, or the It/Security staff who bowed down to the execs bullying and ranting. I think it is apparent where the blame will lay.I think it would be prudent for IT/Security staff to ensure some kind of protection from such fallout. Whether that would be some sort of departmental disclaimer or internal memos etc.I doubt you will get any C-levels to accept the blame unless it was blatantly apparent that they were the single source of any security breaches

Vulpinemac
Vulpinemac

If you think these three banks are the only ones, you've got another think coming. By now, they've all at least started testing them, if they aren't already actively supporting them.

JamesRL
JamesRL

Employees can access the exchange servers through IE, but may not VPN into the company network, unless its on a company supplied device. They have supplied iPhones to users, including myself, but have strict configuration rules on them - if they aren't followed, the device will not be able to access the email server.

johnmckay
johnmckay

- iphone has no support of Outlook Notes for one thing.. that's a biggy for me as my BB is seamless. Thats a bigger issue than the crap internet of my bold9700, hence I'll stay on it. my android doesn't either, and I'm not interested in add-on apps. One solution please. - corporate iphone can run in a secure app. Coming out and in with a password every time is a real pain. At least my BB stays unlocked for 5 minutes OR I can lock it by placing in the holster. If you don't think this is an issue I'll bet you aint doing it. - I like Android and it supports password protected docs, pdfs etc, and has a secure browser. UNLIKE the iphone. And as someone who has had a few password resets done lately, and the new one emailed to "me" or anyone who has my phone; I have become accutely aware how open my Android/iphone is. My Android now has a swipe but lets be serious... RIM wins this hands down. They're over the finish line before the others have heard the starting gun. And lastly... Whats with the article heading mentioning iPhones alone. Why make that difference when GOOD and others are actively shouting the virtues of Android in the corporate market? I don't care about the politics... but I'd say Android is looking good for corporate use, and will only get hugely stronger with the Android tablets. And please dont anyone get hung up on Android versions and differences... the core will remain the same, with operators adding their own tailoring. That doesn't have to be bad. Bring on the android tablets with their https support and lets get them connecting to corporate land asap. I want it now!!!! Employee owned devices... I'm all for it but the data usage is likely to be a concern, and the cossts incurred. My device, company SIM could be interesting. At least it would be a choice for employees to make depending on their circumstances. I'm all for it in principle.

Vulpinemac
Vulpinemac

I'd like to note that Google themselves have recommended patience before producing an Android tablet, the OS currently unable to natively handle larger screen sizes. They've also pointed out several other cautions that adoption needs to slow down, because they feel they won't have a 'ready-for-prime-time' version until 3.0. Honestly, when over 20% of the available apps are 'potential' malware and at least one app is 'proven' malware, do you really think the Android platform is going to be readily used in a high-confidentiality environment like a bank? At least the iPhone's apps are proven safe--as long as the phone hasn't been jailbroken.

Zwort
Zwort

Your resolution point amply demonstrated here: http://news.bbc.co.uk/1/hi/programmes/click_online/8981600.stm As is the question of Dolby standard mobile phones. Yeesh.

Zwort
Zwort

One day Android may become very reliable, secure and what have you. I'll give it time, which is more than I can say for Apple's cheery products. :-)

jmarkovic32
jmarkovic32

If we could hire a technician to just handle PC and phone issues, I wouldn't care. But I have too much on my plate to be screwing with iPhones and the (technical) idiots that own them. With that said, 90% of our Execs use iPhones which they use to connect to company e-mail. The fact that Apple products are dumbed down tells you the technical aptitude of its users. We have a 60 day password expiry policy. We have iPhone users that have trouble updating their password...so they call us. Officially we support only Blackberries.

Gis Bun
Gis Bun

Starting to support user-owned devices is a big mistake. It starts to get rediculous in the various models let alone what to do when the employee leaves the company. If you ask the former employee if they have any business related data on it, they'll say no. But do you really believe them? At least with a company owned phone, you retrieve the phone [and if supported, the option of (remote) wiping - you can't wipe an employee owned phone unless there was some type of agreement beforehand)]. also. are those other phones secure? BlackBerries are still the most secure of them all and has BES to support them.

Zwort
Zwort

Let's all share that new trojan for which there is no solution. Better still the latest root kit.

GregEB
GregEB

After the subprime fiasco, and the resultant meltdown, why am I supposed to blindy trust the judgement of the banking industry?

brookem
brookem

The C's want convenience. Cheap. They want it so much that everything that can be sent out of house will be. No new company starting out would roll its own e-mail & app servers, there is no business case. Legacy stuff is following. Competitive cost pressures are driving cloud hosting, the only place data needs protection. That will demand new compliance rules. The single biggest risk is social. Nobody is more compliant than IBM. Its irrelevant. Just ask Bob Moffat.