Apple's iPhone 5S opens up more questions than answers for businesses

With the launch of the iPhone 5S, Apple has the tools to make the smartphone an enterprise-class device. But the big question is how far the company will go in realizing the device's full potential.

The latest iPhone upgrade, introduced Tuesday, is the first smartphone with a "desktop-class" 64-bit computing architecture, made possible through Apple's new A7 processor. This opens up the possibility of building business software that goes beyond the front-end applications developed today for the iPhone.

In addition, Apple built into the device a fingerprint scanner, called Touch ID, that in combination with the underlying architecture could enable enterprise software to use the biometric sensor for authentication, experts agree.

While the iPhone 5S holds promise, a lot has to happen before it is realized. For one, Apple would have to provide the necessary application programming interfaces to use the fingerprint scanner for signing into an email server or virtual private network. In addition, the company would have to release the hooks for leveraging the iPhone's new computing power.

If Apple did all that, then the benefits to business would be significant. "This could really put Apple in a leading position back into the enterprise," said Daniel Ford, chief security officer for Fixmo, which provides mobile technology for protecting corporate data.

Whether that is Apple's plan remains to be seen. The company did not emphasize the enterprise potential in unveiling the iPhone at its Cupertino, Calif., headquarters.

Instead, Phil Schiller, Apple's chief marketing officer, made a big deal over the phone's graphic capabilities for running games on the new architecture, hardly a priority for business. With the fingerprint sensor built into the home button, the focus was on authentication for signing into iTunes and unlocking the device.

"They're not as focused on the [enterprise] as they should be," said IDC analyst William Stofega of the scanner introduction. "Maybe the goal is to get it out there, making sure it works, and then really start peddling its capabilities as an extra layer of security for enterprise customers."

By introducing biometrics in a mainstream device, Apple is presenting businesses with a real-world example of how well the technology would work either as a complement for passwords. The effectiveness of passwords has diminished over the last few years due to increasingly better hacking techniques used by cybercriminals.

"In the past, if you talked about biometrics to a CSO, it would be a pretty abstract concept," said Paco Hope, a software security expert and principal consultant for Cigital.

The reliability and performance of Apple's fingerprint scanner, built on technology obtained in 2012 through the acquisition of AuthenTec, won't be known without independent testing. Because such technology has not been easy to use, fingerprint sensors have failed to attract much interest among businesses or consumers.

For example, Motorola Mobility, a unit of Google, included a fingerprint scanner in the Atrix 4G phone in 2011. The feature was later discontinued in part because of customer complaints that several attempts were needed for it to work.

For Apple's sensor to be enterprise-ready, it will have to read a minimum of 14 points on a fingerprint, Ford said. Anything less would not meet the requirements used when fingerprints are submitted as evidence to identify suspects in criminal cases.

"Anything less than 14 points on a fingerprint in my opinion is a failed implementation, because it's very easy for someone to duplicate," Ford said.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Join the CSO newsletter!

Error: Please check your email address.

Tags enterprise smartphonesapplicationsiphone 5ssecuritymobile securityfingerprint scannerData Protection | Wirelesssoftwaredata protectionApple

More about AppleAuthenTecCSOGoogleIDC AustraliaMotorola

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts