Apple iPhone, iPad in Enterprise Needs Security Policies: Forrester | eWeek

Apple iPhone, iPad in Enterprise Needs Security Policies: Forrester

Aug 4, 2010
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Apple has enjoyed increased enterprise adoption of the iPhone and iPad-but a new Forrester Research report makes it clear that, if companies are to accept the devices into their fold, certain security policies need to be implemented first.

The Aug. 2 report authored by Forrester analyst Andrew Jaquith suggests that, while Apple has instituted more stringent security for its devices, enterprises need to be proactive about instituting policies of their own for the iPad and iPhone.

Those seven security policies include:

  • Requiring e-mail session encryption
  • Wiping the contents of lost or stolen devices
  • Protecting devices with a passcode lock
  • Autolocking devices after a period of inactivity
  • Autowiping devices after failed unlock attempts
  • Continually refreshing policies
  • Protecting the configuration profile

“These seven Apple mobile device policies satisfy the basic security needs of most enterprises,” Jaquith wrote. Enterprises should consider instituting provisions to acceptable-use policies, he added, including the requirement that employees back up their devices using iTunes.

Certain enterprises, such as health care, demand more stringent security policies. For those companies, Jaquith recommends additional configuration profile settings: seven-character alphanumeric passcodes for stronger protection, hardware encryption with an AES-256 symmetric key, certificate-based authentication, and the application encryption supported by iOS4.

Those more-stringent requirements would also demand new policy provisions, including a company right to emergency device confiscation, and a requirement that users scrub their address books of sensitive information such as social security numbers.

At the top level of stringency, an enterprise can institute policies for Apple devices that include blocking use of the iPhone camera, prohibiting access to the App Store, turning off the screen-capture feature, and preventing use of the browser. However, Forrester apparently “regards these policy options as excessive for personally owned devices, as we recommend that you implement these policies only sparingly.”

Even with Apple’s more robust security measures, the report suggests that the iPhone and iPad “still lack some key security and management refinements that enterprises require.” These include the iPhone’s inability to automate installation tasks, even as it generates configuration profiles; a lack of mature enterprise device management tools and support for smart-card authentication; no compliance with FIPS 140-2; and zero capability for logging and archiving SMS messages.

In addition, the iPhone and iPad lacks support for client e-mail end-to-end encryption, fine grained application control, and the native ability to compartmentalize work and business environments on the device.

“While most enterprises can use Apple mobile devices securely, some require higher levels of authentication assurance, resistance to attack, manageability, and logging that the iPad or iPhone can provide,” Jaquith wrote. “For these customers, Research In Motion’s BlackBerry still rules the roost.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.