iPhone & The Enterprise

By now, you’ve seen the announcement of the March 6th iPhone announcement (which better be more than discussing a future announcement since that’s already two pointer de-references we have to manage). While I am – and many other and far more capable developers are also – eagerly awaiting the SDK release, the promise of “exciting new enterprise features” has me a bit more than intrigued. As it stands, the iPhone has quite a long way to go before it can weave it’s way – officially – into corporate IT standards. Adding support for third-party applications is one checkbox ticked, but what are the remaining “must-have” features for enterprise adoption?

Exchange, Exchange, Exchange

Microsoft Exchange still dominates the mail & calendar infrastructure of the Fortune 1000 enterprises, though hosted solutions like Google Apps, are making inroads and some data center alternatives are emerging. Apple will need robust support of Exchange messaging, calendaring and address book access before in-house IT will ever consider official support for the device. For wide-scale adoption, Apple must look beyond the most recent version of Exchange and provide support for older and even legacy installations since many organizations have not kept up with the preferred Microsoft upgrade cycle.

Centralized Configuration & Policy Management

Large companies cannot afford to trust users to maintain the correct settings on their desktops let alone their handheld devices. Apple must provide a way to develop a configuration (a.k.a. “policy”) for the iPhone which is pushed from a central authority and enforced by the device. Users cannot be permitted to alter the settings since that would create a support and security nightmare.

Security, Privacy & Integrity

To meet stringent data security requirements that usually accompany the corporate use of mobile devices, Apple will need to kick-up the security features of the iPhone quite a bit. The message, address book and calendar storage areas will need to be encrypted. They will need to facilitate stronger device locking & password policies and provide a mechanism for remotely wiping the device of all data in the event one goes missing or is stolen.

Apple also needs to seriously enhance the operating system protection features to prevent – or at least detect & report – integrity violations caused by either a “jailbreak” attempt or malicious software attack. An anti-malware component would be a requirement for some institutions along with the ability to manipulate firewall rules, both via some local GUI as well as via centralized policy.

While the device already has rudimentary VPN capability, providing full IPsec connectivity with soft-certs would be necessary to enable a large number of shops to allow full internal network access.

A Holistic Solution

My strong guess is that the exciting enterprise portion of the announcement will fall short of these broad sweeping feature requirements and amount to little more than enhanced Exchange compatibility. From my viewpoint, there are two fundamental approaches Apple could take to holistically meet enterprise needs:

  • Release an Xserve-based iPhone enterprise server that connects to Exchange, IMAP, Google apps, etc with the full configuration & policy features mentioned above. The likelihood of this is low given the complexity of developing such a solution and high barriers to entry since most corporations already have either a Blackberry Enterprise Server or Exchange PDA connector and do not have Apple on the corporate standards list;

  • Partner with Research In Motion and possibly a company like Bluefire Security Technologies on integrating policy management features and a secure message store into the device itself. The RIM partnership gets Apple in the door immediately and is not completely out of the question since RIM provides Blackberry Connect software for Windows Mobile devices which does something similar.

Thus ends my enterprising speculation and I now await the arrival of the Ides minus nine with the rest of the Apple iPhone community.


Comments have been disabled for this post