We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Android vs iPhone: security nightmare

iPhone smartphoneHere's an ad you'll never see: "The new Vodafone (or T-Mobile or O2 or Orange) smartphone: Your IT department's best friend."

After all, the smartphone wars have been about the consumer for some time now, promising more features, more fun, more glitz.

Despite earlier reservations, I've come to love my Apple iPhone, especially when visiting a part of the country where O2's much maligned 3G network actually works.

But when it comes to business environments, the iPhone falls short. In fact, with the exception of the BlackBerry (which isn't much fun), the smartphone as a class appears to be putting the needs of enterprise users and the IT jockeys labouring to protect enterprise security firmly in the backseat.

iPhone vs Android

Smartphone reviews

Google Android review

Indeed, something ugly is under way.

IT has the same responsibility for security and network management it's always had, but armed with powerful and relatively cheap smartphones, users increasingly have the power to circumvent those policies, says Gartner analyst Ken Dulaney.

And it will only get worse. Smartphones now account for 14 percent of overall mobile device sales, but by 2012 they will make up around 37 percent of global handset sales, according to a recent Gartner report.

Apple iPhone 3GS review

You'll see PC makers jumping into the fray, the Android platform will take off, and the battle will continue to be about consumer-oriented features - not business readiness.

That's great news for consumers, who will benefit from competition-driven innovation and, hopefully, lower costs. But for the hardworking folks in the trenches of network management? "IT will be in a losing battle, blamed for things it can't control," says Dulaney.

IT security: All about the image
Notebooks and desktops, says Dulaney, "are typically managed by restricting the choices that users have by reducing the number of software images. This standards-based process ensures control by reducing flexibility."

But try maintaining that system when users can buy a relatively cheap smartphone with as much power as a desktop had in the early 1990s.

"Furthermore, attempts by IT organizations to prevent the use of handheld devices has largely failed because of the number of tools [available] to work around IT policies.

For example, users who are restricted from using wireless e-mail often find ways to redirect email to outside ISP services, where they synchronize e-mail to their personally owned devices. This raises the security threat for enterprises because it means that control of email routing has been lost," Dulaney says.

The last time I worked full-time in an enterprise, corporate IT not only controlled email, but it placed significant restrictions on the use of instant messaging.

Yes, it was irritating to us users, but since the company had a lot to do with the stock market, the risks of individuals disclosing market-moving information rightly outweighed our convenience.

But now that we all have smartphones, we can tweet and text to our heart's content and there's not a damn thing IT can do about it.

Not only does the smartphone as a platform create implicit challenges to IT, the device makers go out of their way, at times, to be IT-unfriendly.

There's no better example than the fact that, prior to the 3.0, iPhone OS had been falsely reporting to Exchange servers that it supports on-device encryption. Not only was the error undetected for some time, but Apple apparently knew the seriousness of this security glitch and covered it up.

But more pernicious is the half-hearted support of IT's needs in all the up-and-comping smartphone platforms.

Apple has a half-baked iPhone management tool and supports a decent number of Exchange ActiveSync policies. And it's the best of the bunch.

The WebOS-based Palm Pre has no IT-oriented management capabilities, and even less ActiveSync policy support. Ditto for Nokia's Symbian-based devices.

The new Android 2.0 OS finally supports Exchange ActiveSync, but when asked what its degree of ActiveSync support was, a Verizon spokeswoman told my InfoWorld colleague Galen Gruman that the new Motorola Droid - the Android 2.0-based "iPhone killer" to be sold by Verizon starting today in the US - was "primarily a consumer device," not aimed at business needs.

Users must be accountable
While I don't always agree with Gartner's research, the current study is certainly worth considering.

It projects that Android's share of the smartphone market will increase from just 1.6 percent in early 2009 to 18 percent by late 2012.

Apple's share, Gartner says, will increase by 2.9 percent to 13.6 percent. Even more interesting, the most business-oriented platform, the BlackBerry, will lose 6 points, sinking to 13.9 percent of the market.

"All of the vendors recognize that you've got to sell the consumer first," says Dulaney - a fact that may indicate that the best days of IT, when technology was relatively expensive and moved from business to the home, are behind us.

That trend has encouraged a split between IT's undoubted responsibility for security and sane management practices, and its loss of power to enforce those policies. Having responsibility without real authority is never a good situation.

I'd like to see device makers and carriers give real thought to emphasizing enterprise-friendly features, but I don't expect that to happen any time soon.

In the meantime, says Dulaney, IT needs to make a pact with users: You can do more of what you want to do with your smartphones and other toys, but if something bad happens, you take the hit. Management, of course, has to sign off on this kind of a treaty, and that could be a tough sell.

Even so, smartphone users must grow up and accept responsibility for their behavior if they insist on bending IT to their desires.

InfoWorld

IDG UK Sites

Very best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more...

IDG UK Sites

Black Friday feeding frenzy infects the UK

IDG UK Sites

VAT MOSS: Will I be affected by the EU VAT changes? Here are the facts for designers and artists

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & Black Friday tech offers