According to analysts, the biggest benefits of iOS 7′s enterprise features will come through connections to mobile device management MDM software deployed by corporate IT shops.
Still, Apple has unveiled new hardware that could benefit – or pose new challenges to – businesses. For example, a cheaper, more colourful iPhone 5c, starting at US$99 with a service plan, could be attractive to younger workers who would buy the phone on their own and expect to have the workplace Wi-Fi at their disposal.
There are also novel hardware features, including the iPhone 5s’s fingerprint sensor, Touch ID, that could simplify the phone unlocking process for all kinds of business users – even those who use their own smartphones at the office in BYOD (bring your own device) environments.
Here’s a look at different views on how the new iPhone models and iOS 7 could affect enterprises.
Apple’s Touch ID in the iPhone 5s
If Touch ID works as promised in the iPhone 5s, a user would simply touch the home button to activate the system and avoid the need to tap in a password.
“The fingerprint reader means that the user doesn’t have to constantly type in passcodes, so I wouldn’t belittle it” as a security feature, says Gartner analyst Ken Dulaney.
Apple says that only half of its iPhone users rely on a password to unlock a phone, so a lot more authentication security could be derived from having Touch ID capabilities. A lost or stolen phone locked with the Touch ID would have a better chance at protecting the data inside.
However, fingerprint sensors are already widespread in laptops but are rarely used, says Jack Gold, an analyst at J Gold Associates. “The fingerprint sensor could be useful for two-factor authentication, but laptops have had them for years and they are not widely being used,” Gold says. “It’s hard to make sure fingerprint sensors are working properly. So, I see the fingerprint sensor as more of a consumer than an enterprise feature.”
Experts credited Apple for locking the user’s encrypted fingerprint data in a secure section of the A7 processor. That way, the fingerprint data won’t reach Apple servers and won’t be backed up to the Apple iCloud sync service or anywhere else.
The US$99 iPhone 5c and the workplace
The iPhone 5c could have an enterprise impact by luring BYOD users to buy an iPhone for the first time, possibly as a second phone to complement a BlackBerry or other device mandated by IT, some analysts say.
At a low price of US$99 and available in five bright colours, the iPhone 5c will clearly appeal to younger people, especially those who have never owned an iPhone, analysts say.
IT shops may once again have to re-examine policies regarding use of personal phones to access workplace Wi-Fi. They will also have to consider the appropriateness of employees using such devices to run enterprise-class email and apps. The iPhone 5c won’t have the new Touch ID fingerprint sensor seen in the iPhone 5s, but it will run a fully-fledged iOS 7.
“The lower price of the iPhone 5c could potentially make it easier for Apple to increase uptake in the enterprise,” says Carolina Milanesi, an analyst at Gartner. “I say this because most enterprises are still relying on BYOD or allowing employees to pick an iPhone from a list of devices, but then asking them to pay the difference between what an average enterprise device would cost and the cost of the iPhone.”
Milanesi had expected the iPhone 5C to cost less than what Apple announced. She expected the 5C to cost US$300 to US$400 without a wireless contract, instead of the US$549 price that Apple is charging for the 16 GB version.
Even so, US$99 for an iPhone 5C would be US$100 less than the iPhone 5S with a contract, so if a workplace wanted to offer an employee an iPhone 5C under the company’s ownership and management, there is a greater potential for adding more workers on iPhones, Milanesi says.
Price alone, however, is still a relatively minor issue for enterprise users, Gold notes. “Most business users buy based on productivity and convenience, and not generally on the lowest price.”
Since smartphone productivity is most important to employees, the new iOS 7 could factor heavily into how workers and IT shops judge Apple and its newest smartphones.
iOS 7′s impact on enterprises
Apple’s iOS 7 offers around 200 new features, the company said. Those features include more enterprise enhancements than any release since iOS 4.0, which was the first time Apple introduced MDM application programming interfaces (APIs), Gartner’s Dulaney notes in a recent report. “iOS 7 will have a high impact for enterprise IT leaders in terms of security and management,” he says and urges enterprises to test iOS 7 for use with MDM software consoles and users.
The new version will meet baseline security needs for more than 80 percent of enterprise-owned and fully managed iPhone and iPads, he said. Dulaney compares iOS 7 to BlackBerry Balance software, which partitions personal and work applications on a single smartphone like the BlackBerry Q10.
However, Apple doesn’t support a network operations centre as BlackBerry does, meaning the implementation of a management console for iOS 7 must come from a third-party MDM provider, Dulaney said. The list of MDM vendors is a long one and includes old-line vendors such as IBM and Microsoft, but also Good Technology, AirWatch, Mobile Iron, Zenprise and Symantec.
MDM vendors are moving quickly to support iOS 7 when it launches on 18 September. However, Gold says it is unclear how many of the new iOS features will make it into MDM suites. More importantly, it’s still unknown how iOS 7 will affect overall device manageability in a corporate setting.
Based on Gartner’s analysis, enterprises “will most certainly deepen the relationship and commitment to Apple,” Dulaney says in its report from 12 August.
In iOS 7, Apple upgraded its software to do several tasks. Among them were to provide single sign-on (SSO) to permit multiple applications to work across a single smartphone, multitasking and a standard method for embedding management features in enterprise applications.
Single sign-on: the SSO feature of iOS 7 will allow a user to access multiple business applications in a smartphone, but only as governed by the IT shop via its MDM, Dulaney says in the report. The fingerprint sensor, for instance, might quicken the process for a worker to move back and forth between applications. Those and other iOS 7 features would have the biggest impact on enterprises, and have provoked a range of recommendations from Dulaney and other analysts.
Multitasking: Apple’s multitasking is not true multitasking, Dulaney says, but is actually a better scheduling algorithm that allows an application to request more processing time in the background.
App Store access: Dulaney notes that worker access to Apple’s App Store may still be needed, although some enterprises are concerned about users unintentionally downloading malware in untested apps. Companies can set up an enterprise application store by using the Apple Volume Purchase Program, but access is still needed to the App Store, a process that Apple still needs to change, he says.
Per-App VPN: Apple’s characterisation that iOS 7 has a Per-App VPN feature is poorly named, Dulaney said. Instead of embedding VPN technology in each business app, iOS 7 allows an MDM suite to designate a set of applications for use of the VPN. Each business application will then declare itself as requiring the VPN and will then be routed through it. Consumer traffic, instead, is routed over the wireless carrier’s public internet portal.
iBeacons: iOS 7 supports the placement of low-cost Bluetooth Low Energy emitter devices in workplaces and elsewhere that can connect via Bluetooth 4.0 to iOS 7 devices. That means an MDM console can have more precise location information for users, but also contextual information to help determine if a device is being used in an insecure manner.
A user with an iPhone passing a Bluetooth emitter in an unauthorised area could trigger an alarm, for instance, but the process could also allow a user to open doors or turn on lights by passing through an area and coming within about eight metres of the sensors.
Wi-Fi Hot Spot 2.0: support for this feature should improve the efficiency of the transition from cellular to Wi-Fi, which has previously burned battery life.
AirDrop: this form of peer-to-peer file sharing uses Bluetooth and Wi-Fi for quick data sharing between two iPhone users. By comparison, newer Android devices and other smartphones rely on near-field communication (NFC) for file sharing. Gartner generally opposes P2P file sharing as inherently insecure for business uses. Dulaney adds, “We believe that most enterprises will want to disable this feature.”
Gold says that, despite many protections in AirDrop, enterprises should still worry about loss of data over Wi-Fi connections. One precarious scenario could occur when a stranger on the other side of a wall and out of view of AirDrop users monitors their Wi-Fi traffic.
By contrast, when AirDrop was introduced in June, Solstice Mobile, a development shop based in Chicago, said it was experimenting with ways to help business users streamline data sharing with the new function.
Of note, Dulaney says Apple’s AirDrop technology indicates that Apple won’t be putting NFC in future iPhones, since Apple prefers Wi-Fi and Bluetooth to near-contact transmission. Buy-in to NFC by Apple has been considered important for the advancement of NFC mobile payments, especially in the US, which means the emergence of mobile payments is pushed “further into the future,” Dulaney says.
Enhanced SMS: Apple will permit longer text (SMS) messages to be sent from iOS 7 devices in a process that converts text messages into MMS (Multimedia Messaging Service). Even with this enhanced capability, Dulaney notes that enterprises still won’t be able to track any type of SMS on the phone, which is required stockbrokers and other financial workers by federal regulation.
Activation lock: with this new feature, a lost or stolen iPhone can’t be reactivated without the owner’s iCloud username and password. Dulaney says the feature should reduce theft, but warned that jailbreaking any iPhone would likely nullify the activation lock capability.
Mass device enrollment: Dulaney says iOS 7 is expected to permit enterprises to set up and ‘enrol’ multiple enterprise-owned devices at one time, cutting down the time-consuming process of enrolling each device one at a time. The details of the process aren’t clear and Apple didn’t respond when asked to comment.
While Gartner describes many improvements with iOS 7 for enterprises, Gold says it is really up to the MDM software to make the devices running iOS 7 enterprise friendly. With any MDM, basic smartphone management is still tied to Microsoft’s ActiveSync, supported by virtually all MDM vendors, Dulaney notes.
Much of Dulaney’s focus for iOS 7 enterprise features applies to corporations that own and manage the smartphones, but he concludes that there is also some advantage for BYOD shops.
To Gold, however, even with the many positive features in iOS 7, BlackBerry Enterprise Server offers a “greater breadth and depth of management” for BlackBerry devices than iOS 7 with MDM consoles will provide for iPhones. BlackBerry Enterprise Server for other platforms than BlackBerry is less comprehensive, he adds.
“My advice to any enterprise supporting BYOD would be to only deploy [iOS 7 devices] if you have an MDM and mobile application management strategy to beef up basic management functions in iOS 7,” Gold says. “Otherwise, you don’t really know what you’ve got.”
by Matt Hamblen, Computerworld