iPhone in The Enterprise

iPhone in The Enterprise

I’ve been somewhat fretting over the influx of iPhones into TTUHSC. I use one, but it’s my personal iPhone and I’m good about changing my password. But I know not everyone is. Recently we were informed that an entire department was using iPhones and a 3rd party app to access patient health information. Once I had that information, my fret level cranked up a notch.

Don’t get me wrong. I’m all in favor of the iPhone. I think it’s hands-down the best smartphone on the market and I want my customers to use it. But I have to balance this with legislative compliance, which includes access to patient health information. If a doctor doesn’t have a password on his phone, or doesn’t have it configured to self-wipe after a give number of failures, and has it configured to auto-join our network without prompting for credentials, that’s a problem. At a minimum, I need some way to ensure that the iPhone requires a password.

Today, I found Apple’s iPhone and iPod Touch Enterprise Deployment Guide. It’s a quick read. By using the iPhone Configuration Utility, I can ensure that passwords are required and, as icing on the cake, I can also enforce password requirements (letters, numbers, length) and password expiration. The configuration utility also helps you set up basic Exchange and VPN configuration, as well as limit what apps can be installed.

It’s not perfect. The Help Desk has to touch every iPhone to ensure the standard profile is installed, and it’d be nice to have one interface from which to enforce enterprise-wide policy changes – an enterprise-wide iTunes, if you will. But it’s a huge step forward. This should speed enterprise acceptance quite a bit. And I couldn’t be happier.