Every morning, it’s the same story:
Dock my laptop, connect my iPhone, then sync my calendar from Outlook.
I’m sick of it.
But I need iTunes on my work system to sync that damn calendar. And as I’ve stated before, iTunes is a pig–consuming copious processor time and memory for what, in this case, is nothing more than a synchronization program.
That’s why Apple’s announcement of the impending integration of Microsoft’s ActiveSync, along with all the other corporate-geared enhancements (like Cisco VPN Client, Remote Wipe), are such a welcome relief. I would absolutely love to get iTunes off of my primary work computer. I synch music, podcasts and video to the iPhone from home–all forms of media that have no business tying up my company’s storage or networked resources, and I have no other need for the application at work other than the calendar and contact sync.
But after watching the video of Apple’s iPhone SDK and enterprise feature set, I’m wondering if corporations will simply be juggling one ill-considered delivery mechanism for another, as there was a pretty tidy lack of details about many of the features, including application delivery.
Apple’s going to tightly control application availability for the iPhone. iPhone application makers are going to have to join the developer program (for $99) to make the apps for distribution to the iPhone or the iPod Touch, then get their application signed, vetted, and qualified against Apple’s ratings system before it will be made available.
After that process, the application will be available via Apple in two ways: via iTunes (and a sideload to the iPhone) and by way of their new Web-based App Store. But since Steve Jobs said at one point that “The App Store is going to be the exclusive way to distribute iPhone applications directly to every iPhone user,” we have to anticipate this will be the primary delivery mechanism as far as Apple is concerned.
But as a delivery system, the App Store seems to leave a lot of holes for the enterprise admin.
If a business is buying iPhones for their users–and I certainly expect this to now be an appealing option, given the new features and the iPhone’s market-leading mobile browser–these businesses may want to control what goes onto the devices. And since the App Store is open and available to all, the problem of iPhone users running as root by default will become an even greater liability.
As root, users can install anything they want– like AIM client and Spore, for example–whether or not their company approves. The corporate mobile admin may not be able to stop the install, and it is unclear at this point whether they will be able to automate the removal of offending applications. Listed among the new features was also “security policies” but what these consist of is so far unstated.
So I’m trying to imagine how the App Store–with security policies in place–will work. I sincerely doubt Apple will build something akin to Microsoft’s Windows Server Update Services, where the admin approves certain packages which are then hosted locally and delivered to clients according to policy. Will Apple instead make some kind of group registration to the App Store available, where a corporate admin approves software packages which can be pushed (or pulled manually) to the devices directly from the App Store? The security policy would then define the group membership, and the App Store has an account page where admins need to define the MAC addresses or device ID of every iPhone that needs to access the “personalized” store.
I’m no Apple expert, but I don’t think they have any kind of experience with the latter kind of implementation, and I question whether Apple would really want to get that granular, unless they can generate a new revenue stream off of it.According to Engadget’s live blog of the event, there was some nebulous talk during the Q&A session where Jobs indicated they are “working on a special app for internal enterprise applications,” but I am unclear whether that means “apps designed for internal use” or “apps deemed necessary for deployment.”
Of course, this point is moot if the root issue has been addressed with Version 2.0 and admin get some tools that help clearly define and articulate an individual user’s rights on the device. But we don’t know that yet.
We’ll just continue to wait.