Mobilizing the Enterprise

Thoughts on SharePoint, Smartphones, and the future of enterprise productivity

Secure business and personal apps with iOS

leave a comment »

Today another new Android vulnerability was discovered such that all your email addresses, phone numbers, SMS messages, and log files can be access by any application that requests permission to access the internet.  You can read more about it here.  Additionally there has been android malware in the Marketplace that captures and reroutes your personal data to 3rd parties.

It’s useful to ask why Apple’s iOS doesn’t face similar threats.  I think there are three reasons for this:

1)   With the Macintosh, Apple differentiated itself from Windows by claiming there were no viruses or malware on its platform. This feature resonated with customers in a big way and Apple knew it must carry this forward.  However, in the PC era, Mac’s malware resistance really was just marketing.  As Apple thought about new models for computation, they realized strong technical firewalls would be needed to more fundamentally prevent these threats from harming users.

2)   iOS has a curated application store with very end-user favorable rules that app developers must follow such as not using undocumented apis. Apps are actively scanned for viruses and malware behavior before they can get into the store. If a bad app ever leaks into the store, Apple has the technology to remove an offending app from the store and from devices before it infects everyone. As this is the only path for getting apps onto devices, Apple is like a bouncer at the bar actively keeping unwanted apps out while ejecting misbehaving apps that got in.

3)   iOS has a very strong sandbox between apps and a very rigorous api that prevents applications from interacting or sharing data with each other except through a very few well protected apis.   First, unlike Android, an application cannot access the code or data of another application. All sharing is done via a few well-defined iOS apis – so there is a spigot and drain approach to sharing that is controlled by the app, the user, and the OS.  It is iOS that prompts you before sending email, making a phone call, or sharing a document between applications so that even allowed commands require user confirmation.

With these technologies, business apps can co-exist side by side with consumer apps on the phone. iOS guarantees the business apps cannot be accessed or changed by any other application on the phone.  As well, your personal apps & data are safe from corporate scrutiny. In addition, via iOS apis, the business apps can limit their data sharing to other trusted business apps and recently introduced AppConnect technology from Mobile Iron appears to be a start in this direction.

The iPhone & iPad truly have the fundamentals to support one device that delivers work and personal utility while balancing the security and privacy needs for both sides of our lives. Ray Ozzie captured a good summary of iOS a few years ago: Apple internalized that people really understand and like an appliance-style model for their phone & pad.  Appliances don’t get viruses, they don’t data share, they do one function and do it well.

Written by daviddsouza

October 4, 2011 at 4:51 pm

Leave a Reply

Gravatar Logo

Please log in to to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. (Log Out)

Facebook photo

You are commenting using your Facebook account. (Log Out)

Connecting to %s


Get every new post delivered to your Inbox.

Join 2 other followers