Opinion: iPhone security chatter is only a distraction

Plenty of opinions floating around, but security pros need to get grounded

1 2 3 Page 3
Page 3 of 3

Always prepared vs. always stunned

How will corporate denizens make use of the iPhone's adaptation of technology? Will they find it easier to use Sidekick-style, always-loaded remote applications and minimal synchronization so that the impact of loss is minimal? Or will they load it full of documents and offline applications like many Windows Mobile users? Honestly, we just don't know yet. We'll just have to see how the profile of user activity shakes out. In all likelihood, it'll be something we don't expect, not because Jobs has finally coded the reality distortion field into a killer app, but because the next big thing hasn't happened yet. Next is always in the future.

I'm not saying there aren't legitimate queries, stemming from experience, about where the iPhone fits into the corporate picture. One big unanswered question comes from BlackBerry and Sidekick phones' means to limit information loss in the event a device goes missing. Will iSync-based iPhone management tools allow me to iSuck the data back from my device and disable it? Will the next point release of OS X for the iPhone include FileVault data encryption? We won't know what direction Apple will take until there are a few data points from which to draw a vector. You can argue that this sort of thing could have, maybe should have, been addressed already. That's another example of a nice theory falling down in the real world.

If we've prepared ourselves reasonably well, we can be confident that whatever comes along will integrate just fine as long as it covers the standards we're using now -- the actual standards, not the forces of habit or idiosyncrasies of the moment. Kindergarteners may make up their own language and then criticize others for not knowing it, but like the flow of linguistic change, you can always accept new technology without disruption if your syntax is predictable. I may not know what will be said next, but I can be confident that I'll understand it.

Jon Espenschied has been at play in the security industry for enough years to become enthusiastic, blasé, cynical, jaded, content and enthusiastic again. He recently left Symantec Corp. (@stake) to be a principal at Leviathan Security Group Inc. in Seattle, where his advice continues to be ignored by CEOs, auditors and sysadmins alike.

Copyright © 2007 IDG Communications, Inc.

1 2 3 Page 3
Page 3 of 3
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon