American culture is inundated with i-Things. Apple products, the iPhone and iPad in particular, have permeated American culture to a degree that rivals Coca-Cola and McDonald’s.
The public sector certainly hasn’t been immune to this phenomenon. In fact, Apple-in-government sightings — once rare — are becoming more and more common. In late February, an iPad 2 was spotted on President Barack Obama’s desk as he signed an executive order, perhaps the same device that Steve Jobs, Apple’s late founder and CEO, reportedly gave him last fall.
The president isn’t the only public employee who wants a tablet. One recent report estimated that by 2013, there will be demand in the federal government for more than 500,000 tablet PCs — a market that’s dominated by Apple’s iPad. Government Technology’s own research shows that iPads are by far the most popular tablet used by state and local agencies.
And now many government workers carry two phones: the one that’s required and their personal iPhone. A recent Government Technology survey of state and local IT professionals found that roughly half use their personal smartphone at work, and most of them say their primary device is Apple’s iPhone.
It’s increasingly clear that governments love Apple devices. What’s uncertain, however, is how much Apple loves government. “They are a consumer pure play,” says technology pundit Rob Enderle, explaining that Apple has focused on the consumer market “like a laser” since the mid-1990s, when Jobs collapsed all of its business units.
Still, there’s big demand for tablets and smartphones in government, and it seems Apple is starting to take notice.
The consumer focus has been great for the company’s bottom line, but it’s causing some growing pains as more Apple devices make their way into state and local agencies. Some CIOs complain that they don’t have an easy way to procure the devices on a large scale (and perhaps that the company isn’t as willing as traditional government vendors to jump through all of the hoops associated with the public procurement process). Other institutional buyers have grumbled about the lack of dedicated support for business users.
But probably the biggest knock against Apple’s hot-selling mobile devices is the lack of built-in, enterprise-level security and device management capabilities — a deficiency that’s shared by the fast-rising Android platform. Neither of these newcomers compare with the gold standard for secure corporate mobility: RIM’s rapidly fading BlackBerry.
There are signs of change: Apple’s government app store, custom app store, and systems integrator program certainly signal interest in public-sector business. Once wary of catering to anyone but the almighty consumer, it appears that Apple’s new leadership may lead the company toward the enterprise.
Apple declined requests for comment, but according to Michael Rose, lead editor for The Unofficial Apple Weblog, the company is changing its ways.
“The idea that Apple doesn’t care about enterprise or the government as a market is one of those myths that has a kernel of truth to it,” Rose said. “That has been far less true in the past eight to 10 years.”
Historically, Rose said, one of the biggest problems Apple has had is being able to show a product road map that managers could use to plan for the future. When faced with those kinds of questions about its products, Apple reps could do nothing but shrug. But Apple is starting to cater to government and that can be seen, Rose said, whether it’s iPads in classrooms or iPhones in boardrooms.
Enderle agreed, saying business and government buyers will be hard for the company to resist. Jobs may have been able to use his legendary “reality distortion field” to ignore the enterprise market, he said, but his successor is likely to succumb. “[CEO] Tim Cook is human and he will undoubtedly find the same attraction [to enterprise] all of his peers have found,” Enderle said.
The U.S. government spent $90.2 million on RIM products in the fiscal year ending Sept. 30, 2010, according to Bloomberg Government data. So it’s natural for other technology companies to start thinking about getting a slice of that pie.
But Enderle contends that such a move could be risky for Apple. “That enterprise focus really takes the edge off catering to consumers. It’s hard to do both well,” he said. “Selling to enterprise is a low-margin business and Apple is a high-margin company. I think it’s a trap.”
Apple is popular, but not yet a mainstay in government. Many agencies hold on to the BlackBerry, despite the device’s waning popularity. A market overview of mobile security published in October by Forrester said RIM’s BlackBerry continues to be “in a class of its own” when it comes to mobile security. It’s not that workers particularly want to use the BlackBerry; there just isn’t an equally secure, well understood alternative yet.
That hasn’t stopped public-sector workers across the nation from clamoring for the new devices. And the trend has been a challenge for IT and security professionals charged with ensuring the safety and privacy of government systems and information.
“It’s part of the consumerization of IT,” said Mike Russo, Florida’s chief information security officer. “I think people move toward the iPhone platform because it’s new and cutting edge, and people want to surf the Web. From a business perspective, we’ve got to find a way to make it work securely.”
Things like firewalls and anti-malware software need to come standard on smartphones, Russo said. The lack of security features like remote data wiping, permissions setting and encryption also make Apple and Android devices unsuitable for out-of-the-box government use. It’s possible to get different combinations of security features on a given phone with third-party software, but for an agency already configured for RIM, a transition can appear daunting.
Rose, the Apple blogger, was circumspect, saying some enterprise security concerns may be overblown. A transition from yellow legal pad to iPad, for example, doesn’t mean a security issue needs to be invented. Paper doesn’t have password protection, so why worry about iPad passwords?
“You’re asking for things because they’re on a checklist. You need a new checklist,” Rose said. “It’s like asking for a firewall for your toaster.”
He contended that there are workarounds for most of the issues and that security managers should be able to perform a clean swap to Apple if they wish. “It depends on the system, but the solutions are there,” he said.
Rather than focusing on security, managers should be looking at device management, Rose said. Apple does need improvement when it comes to managing a large fleet of devices, he acknowledged, but added, “The good news for Apple is the hooks are there for mobile device management at a very high level.”
To fill the void, third-party vendors are piecing together security features for iOS and Android platforms in an attempt to provide complete enterprise solutions for smartphones. Some government agencies are content with third-party solutions and have made Apple and Android platforms an option for their employees. But Russo and others want better first-party support before switching.
Whether Apple decides to take that big shot at enterprise is yet to be seen, but in the meantime, third-party vendors for secure enterprise smartphone integration have reaped the benefits of Apple’s disinterest.
One such company, Good Technology,saw a big spike in business since launching support for iOS and Android in 2009, said John Herrema, senior vice president of corporate strategy for the California-based firm. “The explosive growth we’ve seen since then has been due to those platforms.”
Herrema said he’s not worried about Apple taking away the company’s business by supporting the enterprise. “There’s a certain amount of tension between consumer-oriented platforms and the requirements of something like a financial institution,” he said, adding that Apple and Android won’t keep up with the specialized security and fleet management features offered by companies like Good Technology.
Virginia didn’t want to wait for Apple any longer and in September became a customer of Good Technology’s mobile solutions, said state CIO Sam Nixon. “It’s very similar to how the BlackBerry BES server works. It fits very nicely with what we were already doing,” he said. “The technology clearly gives us a very secure method of connecting, especially to email.”
Nixon said he’s content with using Good Technology as a third-party solution, and the price is comparable to exclusive BlackBerry usage because employees who want to use other smartphones are required to pay for the phone and service.
There are others, like Delaware Chief Security Officer Elayne Starkey, who says the state gets all the functionality it needs from Microsoft ActiveSync software.
There are about 500 BlackBerrys and about 200 smartphones being used in Delaware state government, Starkey said. The state's BlackBerry server will be retired in 2013, she said.
Starkey said security for smartphones with ActiveSync is not as good as it is on BlackBerry, but the state has been able to achieve a similar level of protection. “It was really not difficult to set up,” she said, adding that the state’s security controls include inactivity time-outs, encrypted data, remote device wipe, strong password requirements and password history. Starting in May, Delaware began using the McAfee Enterprise Mobility Management solution.
Another crucial security measure, Starkey said, was to kick off anyone on the network who didn’t have a “sustainable business need” for being there. This was prompted after a security breach in which an employee was found using a personal smartphone to connect to the network before smartphones were allowed.
Operating without strong first-party support and without the help of a vendor like Good Technology, Starkey said Delaware’s system works well.
So it appears that governments are finding plenty of ways to use Apple’s iPads and iPhones — along with other consumer-oriented smartphones and tablets — regardless of direct vendor support. But if Apple watchers are on the money, government could soon be feeling more love from one of the world’s hottest technology companies.
Editor's Note: The online version of this article was updated to include new information from Delaware Chief Security Officer Elayne Starkey.