iPhone Enterprise Security - Is there any?

Discussion in 'iPhone' started by Throckmorton, Aug 1, 2008.

  1. Throckmorton macrumors newbie

    Throckmorton

    Joined:
    Aug 1, 2008
    #1
    All iPhone users,

    I am am opening up a general discussion on the security of the iPhone. I have some concerns that the iPhone 2.0 or 1.x firmware is not as secure as it could be. Although Apple is reviewing the applications on the App Store, I don't know if they are doing a line by line code review and worry about applications or web pages that may BOT an iPhone and steal our corporate data.

    The Enterprise Deployment Tools are limited at best in securing devices and not having the ability to "push" configurations is bad.

    I do think the iPhone 3G default firmware is more secure than the Jailbroken firmware, but I think its just a matter of time before such powerful phones become BOTS.

    Unlike a BB, applications can modify process or system scripts and I think this is a scary thing especially without any warnings at all.

    Comments? Thoughts? If you have credible information to iPhone insecurities please post the links.

    Thanks
     
  2. TEG macrumors 604

    TEG

    Joined:
    Jan 21, 2002
    Location:
    Langley, Washington
    #2
    Your information is out of date. Enterprises can build their own iPhones, configuring them however they want. Also, you can force certain rules for access to exchange data.

    Apple is reviewing applications to prevent bots and viruses to be deployed. The iPhone is just as likely to become a bot as any computer connected to your corporate network, in fact the computer connected to your network is much more likely to become a bot as the iPhone is a closed platform.

    TEG
     
  3. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #3
    iPhone is not perfect in regards to Enterprise Security (no full device encryption for starters), but the applications from the App Store are pretty well sandboxed: Each app has it's own area of storage and it is not possible for it to read or write outside of that area.
    However, as far as iPhones becoming BOTs, then at this stage you may have a (potentially) valid concern: Theoretically an application could steal information from a corporate network if it was connected via WiFi.
    Having said that, this is true of any application on any computer: presumably if you are concerned about data security you don't allow any untested applications onto the network, and that need there for the iPhone as it is for a PC. The risk is slightly mitigated on the iPhone because all apps are signed so there would at least be a trail back to the original author.
     
  4. danny_w macrumors 601

    Joined:
    Mar 8, 2005
    Location:
    Austin, TX
    #4
    That makes no sense. First you state one thing and then you state the exact opposite.
     
  5. Throckmorton thread starter macrumors newbie

    Throckmorton

    Joined:
    Aug 1, 2008
    #5
    Thanks for the input, but I am actually looking for a bit more than just the iPhone can be owned just like a PC.


    For starters, where is the firewall? Where are the system shields? Where is the Syslog detailing the changes? Even the basic OS X has all of these things.

    Maybe i am expecting to much from a phone, but I feel (personal feeling) this device is really insecure.
     

Share This Page