In his keynote address at the Worldwide Developers Conference in San Francisco today, June 9, Apple CEO Steve Jobs confirmed many of the rumors surrounding the next-generation iPhone. While we already knew about the software features of the iPhone 2.0 software (the SDK, App Store, Exchange ActiveSync and Cisco VPN client) from his announcements in March, this time Jobs confirmed that the new hardware will have a 3G radio, integrated GPS and a much more attractive price tag ($199 for the 8GB model) that severely undercuts the price levels for many other enterprise-targeted mobile devices available today.
In the face of all this big (yet already widely speculated) news, the detail that most caught my attention, however, was a single comment offered by Jobs that was something to the effect of, "Enterprise users will synchronize their custom applications through iTunes."
Jobs was discussing Apple's newly announced enterprise application delivery system. Essentially, Jobs confirmed that Apple's enterprise customers have stated that they want to be able to distribute and applications themselves, rather than doing it via the App Store. Per their wishes, enterprise administrators will be able to authorize individual iPhones within their enterprises, then distribute applications that can only run on these authorized devices. Users will download the applications from the enterprise's internal store to their PCs and install them via iTunes.
Believe it or not, iTunes is now an enterprise application. Unfortunately, as I've complained many times in the past, iTunes is totally unfit to be an enterprise synchronization application, due to its roots in consumer software, its bloated memory footprint and its complete lack of centralized management controls.
But since the cat is out of the bag, instead of complaining about its lack of suitability for the task, let us instead look at some the modifications Apple could make to iTunes to ensure the application's enterprise-readiness.
Without a doubt, iTunes will now need some form of centralized management control. Whether it comes in the form of an Apple Server-based Software Update Services module for iPhone, or whether Apple creates iPhone Administrative Templates for Microsoft's Active Directory Group Policy, Apple needs to provide controls over many aspects of iTunes' default behavior in order to allow corporate IT to manage and monitor the application.
First of all, administrators need to start enforcing iTunes and QuickTime version control in order to standardize the fleet on known good versions of the applications, and to be able to update the clients in lockstep with each other (both to ease IT support and to streamline user experience.) Apple could go a couple routes here -- as both partnering with enterprise third-party patch and software distribution managers (like Lumension Security or BigFix) and offering centralized policy controls over the Apple Software Update applet should appease the majority of customers. Enterprise IT will also need the ability to rein in the relatively new practice of Apple Software Update Manager using iTunes updates as a Trojan horse to introduce new applications like the Safari browser.
IT administrators will also need control over many default iTunes behaviors in case they want to lock out certain features. For instance, administrators should have the ability to centrally shut off the sharing of media libraries, to define the default location to look for media content and to disable access to all (or part of) the iTunes Store.
Apple (and enterprise customers) are also going to have to seriously rethink the marriage between the iPhone and iTunes to fit the many ways an enterprise may want to manage the use of its mobile devices. Traditionally, an iPod (and later, an iPhone) marries a single instance of iTunes, forming a partnership to share content. Once a device synchronizes with a second iTunes instance, it loses its content from the first. With the iPhone, this marriage was extended a bit depending on the type of content -- for instance, I synchronize podcasts, music and videos from my home PC to the iPhone, while obtaining contacts and calendar from my work system.
But enterprise customers are going to have wildly divergent ways of balancing the iPhone's work and entertainment functions. While some companies will let their users do it all from their work PCs -- synchronizing music, videos, and work applications from the corporate PC -- many others will not want their users to get into the practice of storing personal media content on a work computer. If this is the case, some companies may allow users to put personal media on work iPhones via their home PCs, while others may lock it down completely -- only allowing work-related content from corporately maintained stores.
Ideally, Apple will allow all these scenarios, giving the enterprise the flexibility to control how their devices will be used by their employees.