Jeanette Horan, IBM's chief information officer, said the decision was made because the company is concerned that the spoken data could be stored somewhere on Apple's servers. She told MIT's Technology Review (via Gizmodo) that IBM surveyed several hundreds of employees and found that many were "blissfully unaware" of what applications on their mobile devices could be security risks.
On the banning of Siri, Horan admitted that IBM is "extraordinarily conservative" when it comes to security, adding: "It's the nature of our business."
Also barred from IBM's internal servers is Apple's iCloud, which can be used to remotely back up documents and data. Instead, IBM has its employees use a company-hosted service called MyMobileHub.
Of course, IBM's conservative policies with respect to applications and serves are not limited to Apple. Third-party file transfer services like Dropbox have also been banned as the company trends toward employee-owned devices.
In fact, the so-called "consumerization" of corporate devices hasn't saved IBM any money, Horan said, because of all the security challenges that IBM faces. For example, any employee-owned device must be configured by IBM IT department to allow its data to be remotely wiped if the hardware is lost or stolen.
Apple began expanding enterprise support in its iOS mobile operating system with the release of iOS 2.0 in 2008, adding Exchange Server compatibility and other popular corporate protocols. In 2009, The Find My iPhone feature was updated with remote wipe functionality, enhancing the security of devices for both consumers and employees.
30 Comments
I understand the ban on Siri. I understand the ban on iCloud. I understand the ban on Dropbox. What I don't understand is how they can do that to employee owned devices? That's crazy. If they buy it- absolutely. If they tell me I can't put work documents or emails on my personal phone for security reasons- I totally get that too. But if you're going to be extremely secure- shouldn't you supply the hardware? I've never understood the IT/Consumer fusion idea- it might work in small businesses not as focused on security- but these huge ones that are anal....
How do they block these things? With a firewall? If so it doesn't do much good when the person goes home and has access to an unfiltered network.
IBM security. Isn't that an oxymoron? :D
In reality inside IBM Siri is only disabled on the lock screen. You are required to have a strong lockscreen password (8chars) to protect sensitive information. Allowing Siri on the lockscreen allows access to things like the calendar without typing your password, so IBM has pushed out a security profile to disable Siri on the lock screen.
I understand the ban on Siri. I understand the ban on iCloud. I understand the ban on Dropbox.
What I don't understand is how they can do that to employee owned devices? That's crazy. If they buy it- absolutely. If they tell me I can't put work documents or emails on my personal phone for security reasons- I totally get that too. But if you're going to be extremely secure- shouldn't you supply the hardware? I've never understood the IT/Consumer fusion idea- it might work in small businesses not as focused on security- but these huge ones that are anal....
The employees have a choice. If they buy the device they can elect to leave it entirely free of IBM's systems and security. But then they cannot use it to access their work e-mail, calendar, etc. Or they can voluntarily let IBM secure their devices and gain access to those systems.