I am currently working on the development of policies surrounding the use of iPhones in our corporate environment. Since we do not provide the iPhones to our users, we do not directly support their hardware or even the configuration of them to access their email and calendars through OWA / Direct Push. We added policies in Exchange that require the users to use a certificate, have a password on their phone etc. I am being informed that a 2 year old can hack into iPhones in like 20 seconds and have access to everything on it. What I have actually read myself is that if someone has jailbroken their iPhone and someone can get to it using SSH that they can do some hacking of said phone. What risk to my email this adds is unknown at this time since I don't know if said 2 year old would have to have physical access to the device to get anything substantial or not. I also have read that if someone does actually have the stolen phone in hand that they can jailbreak the phone and the hack it and get all of the info from it as well. My desire is to embrace advances in technology while doing it in the safest way possible for my corporation. If that starts with dissallowing jailbroken phones to access Exchange then that would be a good start. Any information surrounding the use of these devices in a corporate environment would be most appreciated.