Re: [Fed-Talk] RE:iPhone security info
Re: [Fed-Talk] RE:iPhone security info
- Subject: Re: [Fed-Talk] RE:iPhone security info
- From: Rex Sanders <email@hidden>
- Date: Sun, 10 May 2009 18:51:21 -0700
Ian,
iPhone security has lots of glaring holes, particularly if your
organization doesn't use MS Exchange or the iPhone Configuration
Utility. iPhones might be a poor choice for organizations with high
security needs. So it goes with many consumer-oriented products. I
was surprised Apple put as many security features in as they did.
I don't know of any alternatives to Exchange for remote wiping
iPhones. Seems like a third party could reverse engineer the
protocol, and sell remote wipe apps. Maybe Microsoft has a patent-
protected protocol.
IANAiSE - I Am Not An iPhone Security Expert. I'm just an overworked
SA with lots of users buying iPhones who want email and VPN access --
which many users are smart enough to figure out on their own. Some
security guidance is better than none.
Here's hoping Apple adds many enhanced security features to iPhone 3.0.
-- Rex
On May 4, 2009, at 2:09 PM, Bell, Ian Frederick wrote:
This is a good start but I have a glaring hole that I cannot seem
to work around. Its the fact that the phone profile you set up is
not locked into place. What I mean is that anyone who gets hold of
the iPhone Configuration Utility has the potential to wipe out
those settings. and setup their own. From a corporate perspective
this is no go for me. Also that I have to either e-mail or setup
a web location to dump this profile is an issue. You also mention
you are not using exchange so what is your method for remote wiping
the phone which relies on that currently as its only method?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden