It's still not good enough. That's the reaction of IT analysts and security outfits to Apple's new iPhone 3G . Sure, the iPhone 2.0 software will support Microsoft Exchange and Cisco VPNs. But is it safe enough for enterprise use — as safe as, say, PCs?
Gartner says not quite. The security guys say be afraid. It's just not good enough yet.
And it never will be. Oops, that wasn't supposed to slip out.
But hasn't that historically been IT's official position? We're the Department of No. Whatever it is, we're against it.
Cell phones? Wi-fi? BlackBerries? Websites? LANs? Laptops? Spreadsheets? PCs? Departmental minis? Not one of those technologies was secure enough, reliable enough and enterprise-ready enough when business users first insisted on sneaking them in under the IT (or MIS or DP) department's radar.
Of course, users had to sneak that stuff in. They knew what the answer would be if they asked us: No. Not ready. Not good enough. Not yet.
And if it was up to us, not ever.
Somehow, though, in the end those users got their way. We made our peace with those unfamiliar, much-dreaded technologies. We figured out how to lock them down, cordon them off or keep them under control.
Thus, today we hear analysts and security vendors advising us to avoid the much-dreaded iPhone because it may not be as secure as the (once much-dreaded, now familiar) PC.
Ironic? Sure, but we all know the fear that drives that irony. Security and reliability are important, and we already have enough trouble on both those fronts. PCs are the devil we know. We're stuck with them. And we can still nurse the fantasy that we can keep iPhones out by just saying no.
But why? Why turn users into outlaws again? It never works. It just reinforces the idea that we're the Department of No.
Besides, aren't we a lot better off demonstrating that we're the Department of Know-how?
When users come to us with the new iPhone — and now that its price has dropped from the stratosphere, a lot of users will be coming to us — we don't have to tell them they can't connect to our systems.
Instead, we can start out by asking them what they want to do.
They might ask for the moon. Or they might have more modest ambitions, nothing that would test our systems' security or reliability at all.
Once we know exactly what they want, we can evaluate what will be required and lay that out for the users.
Some of the requirements will be technical. That's our job, and we'd better be up to it. Another part may be budgetary — someone always has to pay the bill.
Yet another requirement is patience and involvement on the part of those users. To ensure that the result is reliable and secure, we'll have to take a one-step-at-a-time approach. That means users will have to tell us what they want first, and what's less important. They'll have to cut their wish lists and do some waiting. They'll have to prioritise, make decisions and accept compromises — just like we do with every IT project.
Put simply, they'll have to become active partners in the iPhone implementation project.
That won't be a completely satisfactory process for users champing at the bit to get their new iPhones running all over our systems. It won't be quick enough, or let them experiment as much as they want.
But it'll sure beat a blanket denial from the Department of No.
And what do you bet that — like the iPhone — it'll turn out to be good enough?