Choosing a mobile device platform that is safe, easy to configure and manage, and that is flexible enough to meet the needs of employees and senior executives sounds easy on paper. In practice, however, it is one of the biggest of the new challenges for IT managers.
To be certain that devices are safe, IT departments must design security measures that are invariably a complex blend of technology and policy. Some aspects of these systems, such as mandatory reporting of lost or stolen phones, are largely device-independent and are thus relatively straightforward for organisations to enforce. But others, such as varied access levels depending on device type or control and optimisation of smartphone and tablet traffic across WiFi networks, clearly depend on more-sophisticated technical insight.
Most analysts agree enterprises should be able to enforce several basic security features on any mobile device, including mandatory passwords, over-the-air device wiping capabilities and data encryption on the device itself. In practice, the choice of the platform will determine the effectiveness of the overall policy.
Google’s Android operating system has been a huge success with the handset vendor community, attracted by the completely open-source nature of the operating system. Although seen initially as a consumer platform (with the added benefit of a less restrictive and more flexible apps model than the iOS), Google has continually improved security support with successive releases of the operating system. Google has also added other security features, such as remote wipe and upgraded password policy enforcement, adding to Android’s appeal to the business community.
Microsoft Windows Phone
Microsoft’s mobile device operating system, Windows Phone 7, attracted a great deal of attention following its launch in 2010. Long criticised for the performance and usability of its mobile operating systems, this version improved many aspects of the mobile Windows experience, in particular security access features and integration with back-office Microsoft applications that make it a powerful tool for accessing corporate data on the move. Microsoft has yet to provide a central console for large-scale management of devices, which limits options for security-conscious IT managers.
While Blackberry’s browser and interface, too, lack the usability of its main competitors, RIM is clearly still a force to be reckoned with, especially in corporate markets where its ubiquitous email platform, robust hardware and excellent battery life all appeal to business users. Perhaps its biggest asset is the Blackberry Enterprise Server, which gives enterprises advanced central device management and control of security over the air, a feature unique to date among mobile device vendors. However, as more vendors enter the email fray, many corporations are now seeing the Blackberry Enterprise Server as one of the more expensive options in the field.
Because of its global distribution, comparatively low-cost hardware and mature software platform, Symbian has been a hit with many consumers and businesses since its launch. Its popularity has occasionally made it a target for malware authors, although the Symbian security model makes it very difficult for unsigned software to cause damage to phones or data, even if installation is authorised by the user. Many security features are enabled on Symbian devices (including on-device encryption), while many others can be capably managed by third-party software both on the device and over the air.
Few pieces of technology have garnered as much attention as the Apple iPhone and iPad. The iPhone remains a more popular smartphone choice for discerning consumers in its target markets. While Apple cites the closed, tightly controlled iOS ecosystem as a security benefit, iOS applications can only be distributed, installed and backed up via the Apple App Store and iTunes. This can affect organisations wishing to maintain control over the way they deploy their own or trusted third-party applications. Apple has become friendlier to enterprise iPhone customers, in particular by supplying VPN capability as standard, enabling access to some features of Microsoft Exchange and including remote-wipe and automatic device-erasing features.