Managing and securing iOS 4 devices at work
Beyond the security options, there are a number of ways to customize an iOS device for use with your company's network and resources. You can preconfigure access to Wi-Fi networks, VPN and e-mail servers. You can also pre-populate bookmarks for the mobile Safari browser to ensure that users can easily access internal (or external) Web-based resources. You can even specify Web pages or Web apps to appear as icons on a devices home screen for easier access.
In short, you can do a lot with configuration files to lock down an iPhone.
For more details about configuration profiles, check out Apple's documentation of the iPhone Configuration Utility. This is the free tool (available for Mac and Windows) that Apple developed for creating and testing configuration profiles. Apple also offers information about various management and deployment scenarios as well as overviews for iOS 4 business integration.
In addition to setting configurations through profiles, the MDM service allows you to query any managed device for more than 20 different pieces of data (including device- and carrier-specific details, as well as usage and verification that security policies are being enforced).
Beyond setting configuration profiles and querying devices, the MDM service allows you to take certain actions on managed devices. You can, for instance, force the device to lock and/or wipe all data. And you can temporarily remove a passcode (in case a remote user has forgotten it). If a passcode is required, the user will be required to create a new one.
You can also install or update configuration profiles as well as installed apps and enterprise application provisioning profiles and in-house apps. All this can be done in the background without user intervention, allowing you to make sure that software, configuration and security policies are in place.
(See below for a full list of the available management and monitoring capabilities of iOS 4.)
Enrolling iOS devices for management
Apple made the process of setting up device management pretty simple using SCEP. A user is instructed to visit a secure Web site and authenticate with his or her user account (typically an Active Directory account or some other LDAP-based directory service). This allows the iPhone to generate a certificate enrollment request and then an identity certificate for the device.
Using that identity certificate and the user's credentials to establish a secure connection, the device then processes the list of assigned configurations and presents them to the user. When the user agrees to the configurations, the device will download and install the related profiles and can be fully managed.
Management server options
Now that we've covered the what and the how of enterprise management, here's the list of vendors and the expected ship dates for their products:
- Absolute Manage: Expected availability in the third quarter of this year.
- Afaria by Sybase: iOS 4 beta program now in progress, with availability also expected in the third quarter.
- AirWatch: Availability listed as summer 2010.
- Good for Enterprise: Now available.
- MobileIron: Now available, and offering discounts to existing Good customers.
- Tangoe Mobile Device Manager: Now available.
- Tarmac by Equinux: Now available.
Note: Equinux is known for media and networking tools for Mac OS X and iOS. Tarmac is its first step into the realm of device management and is an iOS-specific solution. It lists a Mac as part of its system requirements, and overall it might be better for small and midsize organizations -- particularly those that have a strong Apple presence.
Apple's iOS 4
- Facebook blocks access to hidden iPad app
- LTE iPhone unlikely this year, says analyst
- Apple slams Amazon's Android e-store as 'inferior'
- Apple iOS: Why it's the most secure OS, period
- Apple launches iWork productivity apps for iPhone
- Analysts split on iPhone over-the-air-update buzz
- Apple's iOS 4.3 a welcome update for iPad, iPhone
- iOS 4.3 boosts first-gen iPad browser speed by 18%
- Update: Apple jumps gun, delivers early iOS 4.3 update for AT&T iPhone, iPad
- iPhone dev knocks Apple over vague new sub rules
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Macintosh White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!