Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iPhone Enterprise Security - Is there any?

Throckmorton

Throckmorton

macrumors newbie
Original poster
Aug 1, 2008
2
0
All iPhone users,

I am am opening up a general discussion on the security of the iPhone. I have some concerns that the iPhone 2.0 or 1.x firmware is not as secure as it could be. Although Apple is reviewing the applications on the App Store, I don't know if they are doing a line by line code review and worry about applications or web pages that may BOT an iPhone and steal our corporate data.

The Enterprise Deployment Tools are limited at best in securing devices and not having the ability to "push" configurations is bad.

I do think the iPhone 3G default firmware is more secure than the Jailbroken firmware, but I think its just a matter of time before such powerful phones become BOTS.

Unlike a BB, applications can modify process or system scripts and I think this is a scary thing especially without any warnings at all.

Comments? Thoughts? If you have credible information to iPhone insecurities please post the links.

Thanks
 
Your information is out of date. Enterprises can build their own iPhones, configuring them however they want. Also, you can force certain rules for access to exchange data.

Apple is reviewing applications to prevent bots and viruses to be deployed. The iPhone is just as likely to become a bot as any computer connected to your corporate network, in fact the computer connected to your network is much more likely to become a bot as the iPhone is a closed platform.

TEG
 
Throckmorton said:
All iPhone users,

I am am opening up a general discussion on the security of the iPhone. I have some concerns that the iPhone 2.0 or 1.x firmware is not as secure as it could be. Although Apple is reviewing the applications on the App Store, I don't know if they are doing a line by line code review and worry about applications or web pages that may BOT an iPhone and steal our corporate data.

The Enterprise Deployment Tools are limited at best in securing devices and not having the ability to "push" configurations is bad.

I do think the iPhone 3G default firmware is more secure than the Jailbroken firmware, but I think its just a matter of time before such powerful phones become BOTS.

Unlike a BB, applications can modify process or system scripts and I think this is a scary thing especially without any warnings at all.

Comments? Thoughts? If you have credible information to iPhone insecurities please post the links.

Thanks
Click to expand...

iPhone is not perfect in regards to Enterprise Security (no full device encryption for starters), but the applications from the App Store are pretty well sandboxed: Each app has it's own area of storage and it is not possible for it to read or write outside of that area.
However, as far as iPhones becoming BOTs, then at this stage you may have a (potentially) valid concern: Theoretically an application could steal information from a corporate network if it was connected via WiFi.
Having said that, this is true of any application on any computer: presumably if you are concerned about data security you don't allow any untested applications onto the network, and that need there for the iPhone as it is for a PC. The risk is slightly mitigated on the iPhone because all apps are signed so there would at least be a trail back to the original author.
 
TEG said:
Your information is out of date. Enterprises can build their own iPhones, configuring them however they want. Also, you can force certain rules for access to exchange data.

Apple is reviewing applications to prevent bots and viruses to be deployed. The iPhone is just as likely to become a bot as any computer connected to your corporate network, in fact the computer connected to your network is much more likely to become a bot as the iPhone is a closed platform.

TEG
Click to expand...
That makes no sense. First you state one thing and then you state the exact opposite.
 
Thanks for the input, but I am actually looking for a bit more than just the iPhone can be owned just like a PC.


For starters, where is the firewall? Where are the system shields? Where is the Syslog detailing the changes? Even the basic OS X has all of these things.

Maybe i am expecting to much from a phone, but I feel (personal feeling) this device is really insecure.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back