updated 12:20 pm EDT, Thu March 25, 2010
Apple accused of leaving iPhone vulnerable
The iPhone is the highest-risk smartphone to carry into the workplace, a study of security professionals found on Thursday. Of those asked by nCircle, 57 percent said Apple's phone is the worst mobile device threat, followed in a distant second by Android at 39 percent. Only 28 percent said the BlackBerry line is the problem, while Nokia's Symbian-based phones accounted for just 13 percent of smartphone security fears.
Among those asked, the apparent shunning of Apple came mostly from its continued lack of interest in enterprise-class security. Although it made gestures towards this with the addition of hardware encryption to the iPhone 3GS and multiple administration features like remote wipe, Apple hasn't actively maintained any of these efforts, nCircle's Security Operations Director Andrew Storms said.
"The general consensus is that Apple continues to do only the absolute minimum to address enterprise security and supportability requirements," he said. "[Hardware encryption] was almost immediately subverted. This is not the kind of behavior security professionals want to see in vendors."
The statements come despite Android lacking hardware encryption and having features that, while powerful, lend themselves more to security risks. As apps don't always need to be signed and can expose features such as the file system, Android devices can theoretically have all their data compromised in software and be used to carry off data of their own. BlackBerries have usually been some of the most secure as they have more sophisticated hardware encryption than the iPhone as well as tight control over access and more mature enterprise-level management.
The perception of the iPhone hasn't precluded it gaining a stronger footprint in large business, where its Exchange support has given it a place alongside BlackBerry and Windows Mobile in some offices. Some companies, especially those working with secret data or worried about leaks, have either discouraged iPhone use or actively banned it for at least some employees.