Mobile Security for the iPhone with Trust Digital

For years, the main things smartphone owners wanted to do was make calls, text and send and receive e-mail. However, the iPhone has changed all that. With thousands of mobile applications (apps) to pick from, smartphone users are no longer satisfied with just making calls, texting and having e-mail functionality. They want apps. The thousands of apps available on the iPhone platform has users drooling for more. But without an enterprise management platform, Apple created an iPhone market that organizations have been reluctant to embrace on an enterprise level. However, Trust Digital’s Enterprise Mobility Management platform is now helping to change that too.

iPhone Security with the Trust Digital Solution

Research in Motion (RIM) has long offered enterprise management for BlackBerrys. Currently, Blackberry Enterprise Server (BES) dominates U.S. federal agencies on the mobile phone management front. While iPhones natively offer a variety of security policies, Apple does not currently offer an enterprise management platform for the iconic handset, even as the iPhone makes its way into the enterprise and the iPhone starts to narrow the gap with BlackBerrys. Recognizing the burgeoning demand for mobile applications and the fragmented mobile management landscape, Trust Digital has developed a solution for enterprises to deploy iPhones, and manage them, from one centralized location.

When managing mobile smartphones on an enterprise level, mobile IT departments need to be able to register the devices, provision them and configure policies before giving the phone to the user.

Trust Digital Enterprise Mobility Management (EMM) server offers iPhone device management in a way that lets organizations configure, deploy and manage iPhones on a large-scale basis. EMM has the ability to restrict the usage of certain features based on organizational needs and security requirements. For example, some companies don’t allow cameras in their offices and may want to disable that feature for all users, or may want to disable cameras for just certain users in specific locations.

EMM also offers the ability to setup and configure user authentication, data-at-rest encryption, resource controls, a device firewall, IP proxies, SMS blocking, application controls and image management all from the convenience of one console. You can enable some of these features for certain user groups, and disable them for other user groups.

Favorite iPhone Security Features with EMM

I won’t be able to tell you about all of the security management features that Trust Digital offers for iPhones in just one article, so let me tell you about some of my favorite features. Apple's iPhones offer native encryption, but how do you ensure that your users are taking advantage of that feature? EMM offers three modes of encryption for iPhones and can configure each iPhone so that when data is saved to it, the data is automatically encrypted.

EMM enables organizations to take control of data encryption so that they don’t have to rely on their users to do anything in particular. Since iPhone are always in transit, it’s common for them to get lost. When everything’s encrypted, organizations don’t have to worry if their data is at risk, and they also don’t have to file a report with local authorities if iPhones are lost or stolen. However, just to be safe, administrators can now force a remote wipe of a lost iPhone if it becomes lost or stolen.

Here is a break-down of each of these encryption modes and their respective key management features: per device, unique encryption key for every device; per user, unique encryption key for every user; and per policy, unique encryption key for every group.

The following encryption algorithms are available and can be configured for any of the three modes: AES-128; AES-192; AES-256; and Triple DES. Additionally, it’s possible to block non-encrypted iPhones from gaining access to any of the enterprise systems or networks.

EMM also enables administrators to connect to remote iPhones and assist users via port 7777 which is a nice feature for assisting road warriors.

iPhone Password Protection, Package Management

The password management capabilities enable organizations to force users to use passwords, and to turn on password complexity rules based on the current organizational password complexity policy. Other password management features include: password expiration/aging; enable/disable password history; and password failure actions.

With the password failure actions, it’s possible to configure an iPhone to perform a soft reset, lock the device, or wipe all the data after a pre-configured number of failed login attempts. If a user forgets his or her password, the device can be unlocked using a remote unlock service.

The Package Management feature enables administrators to distribute applications to remote phones over-the-air without actually having physical access to them.

EMM also has a comprehensive list of other features related to authentication, compliance, peripheral restrictions, audit logs and reporting that are beneficial to mobile IT overseeing mobile security.

Though RIM’s Blackberry Enterprise Server might have been the first enterprise mobile security platform to market, Trust Digital’s EMM platform is proving to be a tough challenger. Users want apps, and that means iPhones. Organizations want security, and Trust Digital’s EMM platform enables iPhones to be managed securely.

As telecommuting picks up steam, and more employees work from home, their car, or various other remote locations, secure management of iPhones is going to become more important than ever. Compliance laws demand security. Trust Digital’s EMM is just the thing to enable iPhone users for mobile computing, and at the same time, ensure that the organization’s data remains secure and private.


iPhone, mobile IT, mobile applications, mobile security, iPhone security