Caution: iOS 5, iCloud and the iPhone 4S in the enterprise
Beware these security pitfalls
Computerworld - Apple's iOS 5 and the new iPhone 4S, which went on sale Friday, are packed with new features, many of which should boost the productivity and on-the-road capabilities of professional users. But, as with many consumer-oriented mobile platforms making their way into the workplace, iOS 5 and Apple's new iCloud service present some serious challenges in business environments.
Security issues involving iCloud and several other features will likely be the first things IT professionals weigh when it comes to iOS 5, which Apple rolled out last week. That's good, because even though Apple quietly provided some new enterprise features in iOS 5 that should make iPhones and iPads better corporate citizens, new concerns have emerged.
What to worry about
Out of the 200-plus new features in iOS 5, there are really just three that pose new security challenges: iCloud syncing and backup, location-based services like the new Find My Friends app, and the Siri virtual assistant in the iPhone 4S.
iCloud -- too much sharing?
Apple's iCloud is a unique brand of cloud services that's geared more toward personal use than professional. It allows users to sync all their personal data -- contacts, calendars, emails, notes, iTunes media, photos, documents and so on -- across all their iOS devices and Macs (and to some extent Windows PCs). Users can also back up their iOS device data wirelessly to Apple's iCloud storage or to their Mac or Windows computer using iTunes.
This is a rich set of features for consumers, as it ensures easy access to virtually all data that's supported by Apple's iOS 5 as well as the security of having a backup of core iOS information that can be restored anytime, anywhere.
While that ease of access is great for end users, it raises serious questions for iOS devices used for work, be those devices company-owned or, as is increasingly the case, employee-owned. Given that the service debuted only last week -- and had a problematic rollout at that -- there are now more questions than answers. If iPhone users in the workplace start asking about using iCloud, ask yourself these questions:
Will confidential corporate data such as documents, global contacts and emails be synced to a user's home computer? Might they reside on Apple's iCloud servers after a user has left a company? What if someone gains access to a user's iCloud account by stealing a device or through a phishing or social engineering attack? Could photos taken with an iOS device in the office be pushed across a range on devices and computers by iCloud's Photo Stream feature?
Even more concerning is the uncertainty about whether users are putting business information onto their device(s) and into iCloud. At this point, how would an IT shop know?
What appears to be a great consumer feature could turn out to be a professional minefield. Caution is warranted.
Find My Friends -- or my unsecured iOS device
One extension of iCloud is the new Find My Friends app, which functions very much like Google's Latitude. If your friends or other contacts give the OK, you can see their current whereabouts on a map -- and vice versa.
Find My Friends offers a lot of useful potential in a business context. It can ensure colleagues can easily locate each other at a conference or some other event. It can help managers monitor employees assigned to mobile tasks like deliveries.
Unfortunately, it also allows anyone who is designated as a "friend" to locate a user or his/her iPhone or iPad. That could be a prelude to theft. Find My Friends could also be used to covertly monitor a user during off hours, which -- beyond being an invasion of privacy -- could open someone up to blackmail or other forms of coercion.
On a personal level, if you download and set up Find My Friends on an iDevice, I suggest you be extremely cautious about who is allowed to follow you. More on what to do about Find My Friends in an enterprise environment in a moment.
Siri -- say what?
The iPhone 4S's virtual assistant feature poses it own set of concerns. Since Siri is integrated into iOS 5, it has at least some level of access to all of Apple's built-in iOS apps, including Mail, Messages, Calendar, Notes and so on.
Thus, it's conceivable that when a user asks Siri to read business content such as an email, others nearby might be able to overhear confidential information. Similarly, and perhaps more concerning, a user sending a text message, making an appointment or dictating into any app on the iPhone 4S could be overheard.
- Apple ships iOS 7.1 with CarPlay support, home screen crash fix
- Apple to fix iOS 7 crash bug
- Apple rang up $10B in app sales in 2013
- Balky browsers tick off tablet owners
- iPhone, iPad dwarf mobile rivals in small- and mid-sized firms
- iOS 7 now powers 3 out of 4 Apple devices
- How to fix iOS 7 glitches
- After a week, iOS 7 runs more than half of Apple's mobile devices
- First look: The new iPhone 5S impresses
- iOS 7 off to speedy adoption start
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Gartner 2013 Magic Quadrant for Enterprise Backup/Recovery Software See why CommVault was positioned as the #1 leader in Gartner's 2013 Magic Quadrant for Enterprise Backup/Recovery software for the 3rd year in...
- Forrester Report: CommVault is a Leader in Enterprise Backup and Recovery In this report, Forrester takes a deep dive into the evaluation criteria, how CommVault is positioned and the features and functionality that make...
- Forrester Wave for Enterprise Backup and Recovery Read this report to see how CommVault continues to outpace its competitors and why Forrester positioned CommVault Simpana as the top backup and...
- Architecting the Network of the Future Networks need to change, as does the way IT thinks about and manages them. In addition to reliability, IT must now add higher...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All iOS White Papers |