iPad And iPhone: Secure Enough For Most Businesses

Greetings everyone. My name is Andrew Jaquith, and I serve security and risk professionals. Normally I blog over on the S&R analyst team blog. But because Forrester has been receiving so many inquiries about the security of iPhone and iPad devices, I thought it would make sense to let you know that my new report, “Apple’s iPhone And iPad: Secure Enough For Business?” is now live on the Forrester website and available to Forrester subscribers.

ZDNet's Larry Dignan nicely summarizes my report here. But for the impatient, here is the executive summary:

Apple’s iPhone and the iPad have become increasingly popular. In 2007, IT dismissed the iPhone as insecure and unsuitable for enterprises. Three years later, the iPhone (and iPad) gives enterprises enough security options to enable them to say “yes” instead of “no.” In this report, Forrester defines seven security policies every enterprise should implement to keep its email and corporate information safe on Apple mobile devices, whether or not the enterprise owns them. We also define additional security “high-water marks” — policies and processes you can implement — based on your risk profile and regulatory exposure. Finally, we acknowledge that while most enterprises can use Apple mobile devices securely, some require higher levels of authentication assurance, resistance to attack, manageability, and logging than the iPad or iPhone can provide. For these customers, Research In Motion’s BlackBerry still rules the roost.

Thanks for your time and attention. I hope you enjoy the report, and I welcome your comments.