iPhone vs BlackBerry: Is RIM still winning the security battle?

Or is Apple now secure enough for your enterprise?
Written by Jo Best, Contributor on

Or is Apple now secure enough for your enterprise?

With the Apple iPhone increasingly making its way into businesses as a corporate mobile device, have the security concerns that dogged the handset finally been put to bed?

Earlier this year, civil servants and ministers were banned from using the iPhone, as the device has not yet received appropriate security clearance, unlike the Whitehall-friendly BlackBerry.

BlackBerry Bold vs iPhone 4

BlackBerry vs iPhone 4: Are both up to enterprise standard?
(Photo credit: Natasha Lomas/silicon.com)

But for most businesses, the iPhone is now secure enough that IT departments should be willing to embrace it for corporate use, a new report from analyst house Forrester has found.

"IT initially dismissed the iPhone as unserious, insecure, trendy and suitable only for consumers. That was valid criticism in 2007 because Apple's iPhone offered few enterprise email or security features. But three years later, with iPhone OS 3.1, Apple's mobile devices provide enough security features that most enterprises can use them safely and securely," the Apple's iPhone And iPad: Secure Enough For Business? report stated.

According to Forrester there are a number of key security policies which Apple supports that, if implemented, should make the iPhone safe enough for use in most businesses, including remote wipe, email encryption and autolock after the phone is unused for a certain period of time.

For enterprises who need higher-level security policies, the report also details additional steps businesses can take to lock down their iPhones: instituting seven-letter alphanumeric passcodes to unlock the device, using hardware and application encryption and implementing certificate-based authentication.

"With the right policies and technical controls, you can operate Apple mobile devices at least as securely as the typical corporate laptop, without malware and with an insurance policy (remote wipe) against theft or loss. Higher-security options, such as mandatory hardware encryption, stronger authentication, and camera restrictions, give enterprises higher assurance when it is needed," the report said.

However, for companies who want the most secure mobile devices, Forrester still recommends sticking with the BlackBerry.

"To be clear, the iPhone and iPad are not in the same class as Research In Motion's BlackBerry - the gold standard for secure mobile devices. But depending on the levels of risk and regulation your enterprise faces, the level of security provided by the iPhone and iPad might well be acceptable for use as primary or secondary mobile devices," the report said.

"Enterprises that require strong authentication or that must log all forms of mobile communications will find the iPhone security features lacking. These enterprises might choose to allow lower-risk, task-based workers to use the iPhone, but for most or all of their smartphone needs, they will stick with the tried-and-true, time-tested BlackBerry solution they already know," it added.

Editorial standards