Check Point looks to secure iPhones for business

Apple's iPhone is taking more steps toward full business use, as a security firm announced a new system to allow secure remote access to corporate network systems on the popular handset.

Check Point's VPN-1 will enable an encrypted connected that will protect the iPhone's in-transit data. It will also support the L2TP client embedded in all current and future iPhone versions. This will give customers immediate IPsec virtual private network access to corporate servers.

iPhone users will be able to send and receive email and use company resources, including internal web portals, file servers and IP-based corporate applications, without the need for additional software on the device.

With VPN-1 administrators will also be able to take advantage of a shared secret password and certificates for all iPhones on the network with specific login credentials for each end user.

This feature eliminates the need for IT to create separate gateway authentication keys for each device, easing the deployment of iPhones on the network.

Vice president of product management at Check Point Bob Egner said that as more devices are linked up to the corporate network there is an increased need for security.

"With the success of the iPhone, IT departments received multiple requests to connect the new devices to the corporate network," he said.

"The diversity of personal equipment in the work place makes the enforcement of security policies difficult. For the iPhone, Check Point created a simple configuration that provides instant, secure connectivity through VPN-1 gateways."

However, principal analyst at Quocirca Fran Howarth has her doubts about the roles of administrators with VPN-1.

"The use of shared secrets by administrators should absolutely never be allowed. It is something that can be configured using the L2TP/IPsec protocol, but is very dangerous," she explained.

"Essentially, if all administrators use a shared secret, you cannot know who has configured what. If one performs an action that causes a misconfiguration that leads to a security breach, you cannot prove where the leak originated and therefore you are out of compliance with regulations. That is the first security issue. However, IPSec provides good strong encryption," said Howarth.

Yet, despite such concerns, Egner is adamant that security for iPhones is paramount.

"As more iPhones make their way into the network, Check Point VPN-1 ensures the communication between the devices and servers remain secure."