Sunday, July 4, 2010

The iPhone and Corporate Security

I have done my fair share of mobile analyses over the last 4-5 years, including logical extractions of Blackberrys and both logical and physical extractions of iPhones. With a larger number of cellular providers carrying iPhones, I am often asked to compare the Blackberry to the iPhone within a corporate domain.

While I understand that the iPhone is constantly increasing the number of "apps" that they carry, I simply cannot find a logical reason why a corporation (who presumably does not want company information/secrets shared with the world) would opt to incorporate the iPhone into its corporate enterprise.

As recently as last week, I was reminded that many corporations will almost always opt for "availability" over "confidentiality". While I believe that both are important, I simply do not see why a company would so severely sacrifice data integrity as to choose the iPhone over the Blackberry.

Let's look at a few ideas with which to draw a comparison:
- the iPhone allows both a logical and full physical extraction of its user partition.
- the iPhone password can be bypassed with a known commercial technique.
- Insofar as data, the iPhone retains vast amounts of data in a relatively easy to extract/read format. The use of EnCase and FTK to analyze a physical iPhone partition exposes just how robust the information is.

- there are no commercial techniques to bypass the Blackberry password (yes, I know about BES pwd resets, looking for IPD backups, etc).
- Blackberry does not seem to have jumped on the "app train", pushing out new apps each day. (this is good, no?)

So I ask....beyond being the "new kid with a new toy", why are companies asking about iPhones and security?

Last time I did an iPhone analysis, I mentioned to my colleagues that we ought to be classifying the iPhone analysis the SAME as a full Mac analysis.  File structure, artifacts, geo information, Internet History, Email, ....  it may just be my .02 cents, but any company with any sense of security ought to give this a very long, hard look before seriously considering an iPhone within their corporate domain.

ps...note to Apple....why has it taken you so long to realize this? (or have you already realized it and simply believe that pushing out "apps" for the home market would be more lucrative? (huh?))
