The BlackBerry has been favored over other smartphones for corporate use for a number of reasons. However, in today's workplace, enterprises are adopting iPhones at a rapid pace, because of a push by employees who want to use them in both their personal and professional life.
Yes, there will always be great debate over which mobile device is superior from a usability standpoint. But when it comes to security, which device is best suited for the enterprise?
Mobile device comparison
BlackBerry®:
Robust management ecosystem: The significant differentiator in security is the management flexibility that the BlackBerry provides. The BlackBerry Enterprise Server® provides rich controls that allow scalable management for thousands of users.
Application policies: Administrators can define precise policies to control which applications can be downloaded to and run on the device. The security model allows administrators to translate and enforce acceptable use policies.
Transport security: The BlackBerry uses a secure and encrypted connection back to the enterprise that enables it to access corporate resources. This transparent VPN connection allows accessibility without exposing resources to the cloud.
Device/data encryption software security: The BlackBerry has robust encryption and data protection built in. Policies can be centrally defined. This ensures web traffic passes through scanning proxies and the device itself is kept very secure with very strong data encryption.
Remote wipe/restore: If a device is lost it can be remotely disabled and the data removed very quickly. Moreover, new devices can be provisioned with a complete copy of the original data, policies and applications. Research in Motion (RIM) provides the right tools for secure mobile computing - they just need to be configured. In particular, take advantage of the device's configuration capabilities to lock down the methods by which software can be installed. The recent spyware distributed by Etisala is an example of increasing focus on mobile devices. RIM produced a whitepaper paper that thoroughly explains how to lock down the device to control applications and prevent such threats.
iPhone™:
Lack of computer policies: Unlike the BlackBerry, the iPhone does not have rich central management. A simple portal is provided to allow device location (using the built-in GPS) and remote wipe, which works reasonably well, compared to earlier versions that took many hours to remove the the vulnerabilities. Unfortunately, there are no controls over allowed applications, configuration or security. Users must set up their own configuration (and they make it very easy) but this doesn't mean that secure protocols are necessarily used.
Too much user privilege: The iPhone essentially provides all users with administrator capabilities. They can install any applications or change any of the configurations. While this delivers user satisfaction, it is a security nightmare. This pushes the security policy on to the user with a severe dependence on education.
Exposure to cloud: While BlackBerry provides seamless and secure access to corporate resources within the perimeter, the iPhone requires exposure to the internet. Smaller businesses, or those embracing cloud exposed mail systems or corporate resources, will find the device easy to configure. Those with internal systems with controlled exposure may find the iPhone requires them to break their data protection security model or to have users VPN in to access resources. This can degrade the usability of the solution but is key to avoid exposing sensitive data in a cloud where the security model is still not yet broadly defined.
This article was provided by Sophos and is reproduced here with their full permission. Sophos provides full data protection services including: security software, encryption software, antivirus, and malware.
Article Source: http://EzineArticles.com/?expert=Chester_Wisniewski
