iPhone security measures has been a live theme among researchers and psychoanalyst since well before the twist was even available to the populace in June . While some have been ringing the warning bell that the iPhone is not suitable for the enterprisingness , one analyst says those concerns have been pontifical .
“ I think it has been exaggerated , ” Andrew Jaquith , security system analyst with the Yankee Group , told Macworld . “ You have to protrude with the reflection that many of the people that complain the loudest and say it ’s a security threat run to be security measure companies themselves . ”
Vulnerability direction trafficker nCircle ’s Andrew Storms was one of the first when he pronounce the iPhone “ our new security measure nightmare . ” This before the iPhone was release .
Gartner psychoanalyst Ken Dulaney told IT executives to keep Apple ’s iPhone away from their networks , eight days before the iPhone hit stock shelves .
Jaquith said that security measures criticism of the iPhone evenfall into two categories — the iPhone is not enterprise ready and that it is insecure . Both of these claim , he said , are overblown .
While IT managers may not want to officially support the iPhone on their networks , it will make its way into the go-ahead and pot through the employees — whether they care it or not .
“ There are reasons not to bear the iPhone — you do n’t desire to underpin IMAP or the savor of VPN that the iPhone uses — those are policy decisiveness , ” tell Jaquith . “ surety is not the rationality . ”
One argument investigator have against the iPhone is that it has no data security features . Jaquith counters that the iPhone does digest SSL and TSL and there is small raw information on the iPhone that needs to be encrypt .
The Yankee Group also fence that opening any necessitate ports to permit email joining not kick the bucket through VPN can be done on non - standard ports , minimizing any risk .
Gartner ’s Dulaney point out that the iPhone does n’t have remote rub ( the ability to pass over the headphone ’s data if lost ) and it does n’t have a firewall . Again Jaquith say it just does n’t matter because of the case of data the iPhone has on it and none of the iPhone ’s processes require open TCP / IP port .
“ By contrast , agree to Symantec ’s Ollie Whitehouse , Windows Mobile listen on four port : 137 and 138 ( NetBIOS ) , 1034 ( ActiveSync notifications ) and 2948 ( WAP push button ) , ” said Jaquith . “ This does not mean that Windows Mobile is necessarily unsafe ; it just imply that the assumptions underlying the firewall critique do not go for in the case of the iPhone . ”
In improver , All usage applications that run on the iPhone are web - free-base , and substance abuser do not have access to the inherent file system of rules .
While Jaquith feels analyst have exaggerate security business organization with the iPhone he would like to see Apple rescue software patches over the air and spread out keychain and personal identity documentation on the iPhone .
As for enterprises , Jaquith has a few recommendations for them as well , include turn on IMAP - S , using L2TP over IPSec and using non - standard ports .
“ security measures worries about the iPhone are portentous , ” tell Jaquith . “ To boost employee productiveness , enterprises would be better dish up thinking about how to oblige the iPhone . It ’s the best phone and iPod I ’ve ever used . ”
