Posted by Robert Whiteley III on September 3, 2009
I just nuked my phone.
Ok, so maybe I didn’t nuke it, but I wiped it clean. It’s all part of an experiment. I’m one of a lucky few (20 to be precise) that are piloting iPhones here at Forrester. So far, it’s been great, although there are the usual bumps and stumbles you might imagine with any new technology. For example, has anyone else out there come across the mysterious disappearing calendar item? Every once in a while I come across something that’s on my desktop Outlook client, but not on my iPhone. I’ve done some pretty exhaustive scenario testing and I think I’ve isolated what triggers it, but of course there’s no discussion of it anywhere in the Googlesphere. Very strange, but I digress. As much as I’d like to talk about my iPhone experience, I’m actually more interested in any consumer mobile device in the enterprise.
(Psst. Apple, if you’re listening I can be contacted on this blog, on Twitter, or via email. I may not be one of our device analysts, but my analyst credentials would be revoked if I didn’t at least have an opinion.)
Ok, so why am I interested in mobile devices? Because in the last few weeks we’ve been swamped with clients’ requests to help craft their security policy for this technology populistphenomenon. Not only has iPhone proven to have enterprise staying power, but the promise of Palm Pre and Windows Mobile 6.5 has many an executive dreaming of replacing their old scroll-wheel driven BlackBerry with a slick touch interface.
Now I don’t profess to have all the answers. In fact, we’re working on it. At the Security Forum next week, Natalie Lambert will be moderating a panel of IT experts from Cisco, Citrix, and Google. I know, I know… You’re probably thinking “Yeah, but their vendors — that doesn’t count.” Wrong! These are the actual folks in charge of building and executing the internal strategies for these companies. Think about it. Combine the California work culture with a tech-savvy employee population and these vendors are the perfect petri dish for consumerization in the workplace. After all, they’re still large enterprises with thousands of employees going mobile. But we don’t just rely on the experts. We’ll also be conducting a roll-up-your-sleeves workshop with about 30 Security & Risk and Infrastructure & Operations executives to craft a policy that handles the data security and IT support requirements for a large enterprise. (Stay tuned for lessons learned and feel free to join the dialog on Twitter with #FSF09.)
But back to device wiping. This is where things get interesting. I was recently reading about how Microsoft will provide quite a few services for free with its Find My Phone service. Clearly a rebuttal to Apple’s paid MobileMe service. According to a recent CNET article:
In a July interview, Todd Brix said that the Find My Phone can be used to remotely send a message to a phone and cause it to ring, even if it is set to vibrate. If that still doesn't locate it, users can look up on a map where the phone last synchronized to the service. Users can also remotely lock the phone and send a message to it urging whoever has it to call a specific number. If that doesn't work, users can also remotely wipe the device.
That last part shocks and awes me. One of the longstanding issues with these consumer devices has been the inabilityto wipe them clean if lost or stolen. Now Microsoft is going one step further and allowing individual users to brick their device if they want. Umm… that’s something you’ll need to update in your security policy! I don’t think your local help desk will enjoy trigger-happy employees who wipe devices and claim “Oh, don’t worry… everything was safely backed up to the… errr… you, know… cloud.”
I’d be curious to get your thoughts, though. Should users be allowed to wipe their own devices clean, or should that be reserved for IT? Does it matter where the data is backed up — in iTunes or in the cloud?
Supporting consumer mobile devices is inevitable, but how you support them is still rich for debate. So please contact us if you’d like to weigh in our leave comments below. I look forward to hearing from you!
P.S. If I don’t respond right away is because I nuked my phone. What was I thinking?!