Is iPhone 2.0 enterprise-ready?

More than a week after Apple introduced iPhone 2.0 beta software with Exchange e-mail and powerful security tools, there are lingering questions over whether it can gain wide acceptance inside corporations for mission critical needs.

An IT official at a major US bank has said that the case for iPhone 2.0 internal deployment looks "less optimistic" than when the announcement was first made on March 6. That comment came after the bank's IT officials got a thorough review of the 2.0 beta from Apple officials, partly to see if federal security requirements imposed on banks can be satisfied, said the official, who asked not be named, citing bank policies.

The bank's review of 2.0 software is not complete, and the official would not elaborate.

Industry analysts agreed that iPhone 2.0 is filled with important features needed by corporate users. But some corporations, such as financial services firms and hospitals, have more demanding requirements, including federal rules for protecting data.

At its announcement, Apple said Nike and Walt Disney, among others, would be adding more iPhone users with the 2.0 release in late June. But the announced users, so far, do not face some of the tight regulatory scrutiny of banks particularly, some analysts said.
"I'd call it [iPhone 2.0] enterprise lite," said one of those analysts, Nathan Dyer of Yankee Group in Boston, during a conference call with reporters and IT managers. "In financial and health care sectors, you're not going to see a huge uptick. It's certainly not for everyone."

Clearly, some analysts disagree, including Michael Gartenberg at Jupiter Research, who said that when the CEO of a company buys an iPhone and wants to use it at work, "it becomes a de facto enterprise business tool." He added that the security in the iPhone "is certainly going to be good enough for most enterprises."

Apple officials would not respond to queries on this topic, referring a reporter to a webcast of the iPhone 2.0 announcement.

Is it secure enough?

The announcement includes many important security features, but there might be some small gaps that would pose problems for the toughest customers, some analysts said. Included with Exchange ActiveSync will be the ability to remotely wipe data off an iPhone that is lost or stolen. A Cisco IPsec VPN also will provide encrypted access to private corporate networks.

But there is still the possibility, unlikely as it may be, that a user could drop an iPhone with data on its screen that can be intercepted by anyone. For that concern, IT managers could presumably set a function that requires re-authentication even after a very short lapse in time when the device is not used. However, it is not clear how that issue would be addressed, and Apple has not provided complete answers, analysts said.