Apple – IBM Partnership and Impact on Security
The new IBM-Apple partnership targets the missing gap between popular Apple mobile divides, BYOD programs and enterprise applications. The goal is to combine this into a better solution while offering more flexibility to the end users, cheaper administration costs and more efficiency in the daily business operations. With cyber security and data privacy on the rise, this article will take a look on how this partnership will address the needed protection to corporate knowledge and what we can expect in the near future.
The much publicized new partnership between Apple and IBM is significant as it positions Apple to increase its penetration into the enterprise business area. The main focus of this partnership will address mobility and the increasing BYOD/CYOD that many companies have implemented. Rolling out a new class of more than 100 industry-specific enterprise solutions including native apps, developed exclusively from the ground up for iPhone and iPad is the key point in this partnership. Unique IBM cloud services optimized for iOS, including device management, security, analytics and mobile integration; new AppleCare® service and support as well as offerings from IBM for device activation, supply and management will open up a large market opportunity for Apple and put IBMs renowned big data analytics at iOS users’ fingertips.
Apple is planning to have iOS become a serious player in the enterprise and with this alliance to develop an enterprise-friendly range of systems on tablets and smartphones. This will ease some serious enterprise concerns around how to manage Apple’s iOS systems and addressing the BYOD issues companies are facing, but how will this address the questions around integration, functionality and security?
In the US, around 65 per cent of firms allow iOS usage, according to IDC figures and allow workers access enterprise applications via personally owned devices because of the perceived productivity benefits. Although 98% of employers have a security policy in place for mobile access to corporate data, 21% allow employee access with no security at all. Without properly enforced controls, companies will continue to face serious security challenges.
Chief Information Security Officers’ opinions across various industries have been split over whether Apple’s consumer-focused iOS operating system, could be secured and integrated appropriately for business applications and sensitive data and therefore minimizing the risk of data loss and breach. True enterprise mobile apps need back-end services integration, security and identity management. In the last IBM CISO Assessment, mobile security was a top concern, with more than half of interviewed security leaders ranking it as a major technology challenge that needs to be addressed over the next two years; 76% say the loss of a mobile device with access to corporate data could result in a significant security event.
IBM MobileFirst Platform for iOS is planned to address some of these issues by providing the services required for an end-to-end enterprise capability. This will not only include analytics, workflow and cloud storage, but also security and integration while making use of IBM’s unique Bluemix Platform as a Service (PaaS) offering.
Bluemix mobile zone for iOS will enable developers that work with Xcode and inside the iOS environment to benefit from Internet cloud storage, workflows, analytics and many other capabilities, giving them easy ways to plug into SDKs and APIs and take advantage of existing offerings on Bluemix. This alone should contribute to the roll out and implementation of new apps which will address the increasing need for data security and privacy. Although it will not allow the same collaboration and flexibility as in an open source environment, it will allow easy integration of new apps into already existing security features IBM is currently offering such as Security Access Manager (a context based authorization) or its mobile web app and web elements vulnerability scanning. New security features will include complex device fingerprinting of mobile devices, protection against financial account take overs, compromised mobile device detection and a global fraudster database.
The new class of “made-for-business apps” which Apple and IBM are working on now, will target industries such as healthcare, banking, telecommunication and insurance and will be made available fall 2015. Considering that Trend Micro estimates that 1 in 10 Android apps are malware with the number of mobile apps nearly quadrupled between 2011 and 2013, the Apple-IBM team can certainly build on the relatively low apple app infection rate plus their developed apps with the enterprise touch for end point protection and security.
The corporate world will get the best out of this partnership. Using iPads with IBM software, and central management will make it easier for companies to go mobile as well as manage these devices and provide the adequate protection needed. Deploying and managing Apple devices in volumes should have cost reductions over conventional PCs given the industrial-strength AppleCare that will be in place.
Considering the constantly increasing BYOD programs and many employees using their own Apple products – although with limited enterprise connections and tools – consumers might benefit from this partnership as well. BYOD programs with Apple products should get better, be better supported by corporate IT departments and cause less headaches for CIOs on how to secure corporate data on the on the so popular but not really enterprises compatible hardware.
- By Dasha Deckwerth, MBA, MSc, CISSP, PMP, NSA IAM/IEM
About the Author
Dasha Deckwerth is a Member of the Board of Directors for SISS Consulting Inc – an IT and Cyber security company and currently holds the position of Director Global Cyber Security, Managed Services with Atos. She has extensive experience in cyber security and critical infrastructure protection and consulted on various projects in Europe, Asia, America and Middle East. With the growing need for cyber security services in the Middle East, Mrs. Deckwerth has consulted on Disaster Recover and IT security for Critical Infrastructure in the UAE and Qatar as well as engaging in increased cyber security offerings and awareness throughout that region. Mrs. Deckwerth has an MBA and MSc and is currently pursuing her PhD In Cyber Warfare.