iPhone OS 4: Guide to Anticipated Mobile Management Functionality
Apple on April 8 previewed the upcoming iPhone OS 4 -- due for the iPhone and iPod touch this summer and the iPad this fall -- as the mobile industry awaits the unveiling of the now infamously leaked next-generation iPhone on June 7 at the annual Worldwide Developer Conference. EnterpriseMobileToday.com recently highlighted 12 enterprise-friendly features announced for Apple's iPhone OS 4 that stand to significantly improve the ease of use and management of iPhone OS devices in enterprise and business environments. Some of the features are distinctly aimed at enterprise adoption and management while others are more general and designed to empower iPhone and iPad users to work more productively with their devices. While Apple identified a number of features specifically intended to aid IT departments in activating, deploying, and managing iPhone OS devices, the company has yet to provide specific details about how these features will work. Here we outline the core enterprise features for IT and which details still remain murky as well as some speculation as to how Apple might implement them in iPhone OS 4 versus the current iPhone OS release.
In the Current iPhone OS VersionDeployment, Management and Configuring -- Initial configuration, roll out and on-going management are the hardest aspects of supporting any mobile device for businesses, with perhaps the exception of deploying, say, just two or three, iPhones. Each device must be activated using iTunes, meaning it will generally need to be touched at least once by an IT team member. After activation, devices can be handed out to employees in their default state, but that will provide them only with the generic load of Apple's built-in apps. It will not include security settings, configurations for accessing any network services such as Wi-Fi networks or corporate VPNs. Nor will it provide internal or external Web bookmarks, or mail or collaboration server configurations. It also means no organization-specific security certificates to ensure secure identification when accessing internal resources. Apple's iPhone Configuration Utility offers a decent solution for building iPhone configurations. It allows organizations to address these configuration concerns by providing the ability to complete configurations for individual devices or to implement a more general organization or department-wide configuration. But using the utility either requires IT to install configuration profiles or requires users to choose to install them. Users must also opt to install updates to these profiles as they are issued.
What Apple Promises in iPhone OS 4Apple is promising that iPhone OS 4 will streamline and improve on the areas of deployment, management and configuring. Specifically, Apple is touting three major areas of improvement over the current iPhone enterprise features: deployment and provisioning, device management and security. Also on Apple's list of new enhancements: improved enterprise support for Exchange environments and the iPhone's Mail app.
iPhone Deployment and ConfigurationApple hasn't mentioned whether initial iPhone activation will be streamlined and become less dependent on iTunes. Although Apple may create and offer a way of to activate new mobile devices without using iTunes at all, I find it unlikely given the company has positioned iTunes not only for activation but also as the primary sync technology for iPhone OS devices.
Apple has said that it will provide the ability to install and update custom apps developed in-house by an organization using an Enterprise membership account for the iPhone Developer Program. It seems almost guaranteed that this will apply only to in-house apps and possibly to Web-based apps added to a device's home screen as Web-clip icons. It isn't clear if this will include the ability to provision a device with security certificates used to allow the device to access these apps (or to provide secure access to other internal network resources), but this seems likely. If Apple does include the ability to push out (and presumably update) security certificates on a device, the company may also include the ability to push out configuration profiles to devices (for both initial configuration and configuration updates). This would be a drastic improvement over the current options.