My Digital Life

After a few weeks waiting, O2 finally shipped an iPhone 3G to me on Tuesday, so I’ve spent a good few hours fiddling with it over the past few days.  I thought I’d post up a few thoughts, really for my own benefit in keening some notes.

Compared to the Windows Mobile phones I’m used to, the iPhone setup, activation and registration was a real mess… With pretty much every other phone I’ve used you put in the sim, turn it on and that’s it.  I’m really not keen on this requirement to register the phone with iTunes before it can be used. 

For consumers it’s probably ok, but in an Enterprise do you really want to install iTunes on your (probably) managed desktops?  Personally I can do without iTunes and its MobileMe adverts etc for a work phone.  I’m reasonably sure I won’t be the only one either.  To be honest I don’t even bother with ActiveSync these days and just do everything over the air.  Apparently O2 have some managed services that might help here, and I’ll be looking at them as soon as possible.

The other slight problem was with O2, they managed to incorrectly activate the sim’s or something that lead to a 24 hour delay in activation.  It was only with the inside knowledge of our service manager here that we managed to identify and fix the problem.  Hopefully this was a one off issue with the two iPhones and sim’s they sent over, but if I’d been an end user I would not have been happy as O2 were initially insisting everything was fine and we had registered the phones incorrectly.

Now it’s all working though, I have to say the device itself is great.  Quite a few people have told me that it’s slower and less responsive than the original, but as a new user it seems fine to me.

The apps all work well, and the browsing experience is much better than on Windows mobiles - with the possible exception of the Opera browser on the HTC Touch Diamond. 

I’m also impressed with the App Store.  I found some great apps for twitter and Facebook, and I can’t wait to see what else appears over the next few months. 

Back to the work stuff… the setup of Exchange ActiveSync was nice and easy, and the interface for mail and calendars is nice to use.  It’s be good to see tasks etc added in, but I can live without those for now.

Although I’ve played with the configuration tools, I’ve not applied any profiles yet.  I’ll be doing that over the next few weeks though.

The big omission in my mind is the ability to set a window where push email is activated.  On my Windows phones I have push setup between 7am and 6pm and manual syncs during the evenings and weekends.  I find this is not only useful for separating work from home, but also saving battery life and data charges.

Speaking of battery life… Oh dear.  Now I’m not really a heavy user.  On my other phones I usually keep wifi and bluetooth off, just keeping email pushing down and doing the occasional bit of browsing.  Usually I go a day or two between charges on my S620. 

When I got the iPhone 2 days ago it was charged more or less all day - in that is was plugged into my laptop while we sorted out the activation problems.  Yesterday I turned it on at about 10am and it was dead by 3.30pm.  Admittedly I was busy playing with it and trying stuff out.  So I got home and charged it up again and turned it off over night. 

This morning I turned it on at 8.30ish to try out hahlo.com (a great twitter app)… looking at the usage stats it’s been on for 2 hour’s 33 minutes and I’m at ~40% battery.  Wifi, Bluetooth, GPS and everything else apart from 3G and push are off.  That’s really not good.  At all.

I’ve read that the battery life improves after a few charge cycles… if not, as much as I like it - and despite the the little problems I really do like it - I’ll have to send it back… if it can’t last a full day between charges its really no use to me :(

So overall… I really really like the iPhone 3G.  the interface and user experience is much nicer than the standard Windows Mobile phones I’m used to.  I’d like to spend some more time with a Touch Diamond as a comparison, but overall it’s streets ahead.  I’d also like to loose the iTunes requirement - in an Enterprise I just don’t think that’s on.  But… the battery life so far is a killer problem.  As it stands today, mine will be dead by noon.  But I do really like it. Lots.

Yesterday I was having a conversation with someone about the iPhone configuration utility and heard a comment asking why the iPhone allows settings to be emailed to the device.  What they meant was that if your device is un-configured it wouldn’t have any email accounts to receive the settings - a chicken and egg kinda thing.

The simple answer is for ongoing maintenance of the config.  Sure it’ll be easier to deploy an initial setup using other means - the web for example.  But if you already have iPhones out in the field email should be a good delivery method for applying changes.

One thing to consider there though is training your users not to install configuration profiles that are marked as un-trusted, or that they are not expecting.  After all, anyone can download the config utilities and email out profiles.

Apple have just released the new configuration utilities for the new iPhones.  As I covered a few weeks ago, these will allow enterprises to develop specific configuration files for iPhones within their infrastructures.  It’s a very welcome move, like many businesses I’ve certainly seen a number of business requests for iPhones and the prospect of managing another platform could have been quite daunting.

iPhone Web Configuration Utility for Mac
iPhone Web Configuration Utility for Windows
iPhone Configuration Utility 1.0 Mac OS X

Each of these tools will allow you to create xml configuration files that can be either emailed to the devices or opened from the web browser.  The Configuration Utility 1.0 however can also track and install provisioning profiles and authorized applications, and capture device information including console logs.

Yesterday I got a HTC Touch Diamond to play with for a few days.  I’ve been wanting to see one in the flesh for a while, partly because I need a new phone, and partly because we’re a Windows Mobile house here and with the 3G iPhone looming we’re thinking hard about future direction.

The Diamond… well it’s a sight to behold.   The phone itself is tiny, with sharp styling and is very lightweight.  One comment I heard yesterday was that it makes any phone you sit it next to look 10 years old.  I like the look of it a lot.  The rear surface (as you’ve probably seen in photos) isn’t flat, it has slightly raised jagged pattern that makes it look like it’s been cut from stone, or well… diamond.

The small size of the device poses some interesting question.  Previously WM Smartphones used to be the smaller option, sacrificing the touch screen for a smaller footprint.  Now however, this full WM device with all the GPS and stuff is small enough that it doesn’t matter.  I’m not sure what future the Smartphone OS has if devices are now this small.

Powering the thing up, the first think I noticed was the quality of the screen, off hand I’m not sure what the resolution is, but I’ve seen desktop LCD monitors with worse picture quality, it’s very very good.  This allows the interface to use small, sharp fonts without them being hard to see or use. 

The main ‘home screen’ interface is miles ahead of any other Windows Mobile phone I’ve used (and that’s quite a few!).  At the bottom there’s a scroll bar of buttons for the main functions (contacts, photos, music, settings etc) that is easy to use and and quite intu itive once you realise it’s there.  You just move your finger across the screen until you reach what you want, for example photos, the bulk of the screen is used to show previews that you can then scroll through.  It’s all great looking and reasonably well thought out.

In fact, in terms of the user interface I’d say the worst thing was the underlying Windows OS.  Once you find a function or task that isn’t covered by the HTC installed user interface, the jolt of going back to the old Windows Mobile interface is quite shocking.  I’ve always got on quite well with WM before, but the Diamond really does highlight that MS need to start concentrating on the ‘Mobile’ part of their OS not the ‘Windows’ part.  The normal windows like GUI just doesn’t cut it in the mobile space anymore.

Would I buy one?  Not sure… If there wasn’t a 3G iPhone just days away then yes, without a doubt.  As it is I’ll wait and see.

Following it’s announcement on Monday I think its fair to say that the 3G iPhone has stirred up quite a bit of interest with people.  And rightly so I believe.

In preparation for the inevitable requests from people out in our business I thought I would do a little digging into what Enterprise support Apple have built in this time round. 

With the original iPhone business users were pretty much ignored.  There was no real support for businesses, even to the point were (in the UK at least) you had to be an individual to buy one - it was available on personal contracts only, there were no businesses tariffs at all.

Here’s a few notes on what I found in case it’s useful:

Exchange Support
Apple have licensed Exchange ActiveSync from Microsoft so can connect directly to exchange for push email, calendars and contacts.  Providing you already have Exchange (2003 or 2007) adding iPhone support should be trivial.  From the device perspective it shouldn’t be any different to setting up a Windows Smartphone.

In addition to messaging support, the iPhone now also supports ActiveSync security policies for:

- Remote wipe
- Password Enforcement
- Forcing password complexity
- Forcing alphanumeric passwords
- Specifying password length
- Defining inactivity times before the phone ‘locks’

These are increasingly important to business, especially with the current media attention on data loss and privacy.

Device Configuration
To help reduce the support overhead of deploying smartphones companies (us included) often make arrangements to have company specific settings applied by some for of automated process.  This is so that end users can be up and running as soon as possible when, and hopefully ensure everything is set up correctly avoiding extra support calls etc.

For the iPhone 2.0 software apple has built in support for remote deployment of configuration using either email or a website.

You use an iPhone Configuration Utility to build up a preferred config, and then export that setup as an XML config file.  That file can then be:

- hosted on a website that users can browse to
- Emailed to the user as an attachment

In both cases the end user will need to open or run the attachment/file.  During the installation they will be prompted for any additional information needed such as passwords.

it would have been nice to have seen some support for over-the-air config like Windows Smartphones, but its a pretty good solution nonetheless.

Within the configuration utility you can configure:

- Exchange settings (server, domain, account etc)
- Wireless settings (network, authentication etc)
- VPN Settings (server, account, passwords, groups, proxies etc)
- Password policy (complexity, attempts, length, age, timeout (etc)
- Email settings (POP, IMAP, servers, accounts etc)
- Certificates (Deploy PKCS1 and PKCS12 certs)
- Policy and Restrictions (Control 3rd party apps, iTunes, content etc)

The device also allows these settings to be signed so that you can be sure they are from your company and not a rouge source.  This might be particularly important.

Virtual Private Networks
iPhone 2.0 now has built in support most of the common VPN protocols:

- PPTP
- L2TP/IPSec
- Cisco IPSec

and authentication methods:

- MS-CHAPv2 (standard passwords)
- RSA SecureID
- CRYPTOCard
- Certificates (PKCS1 and PKCS12)
- Shared Secret

The settings for both can be deployed using the Configuration Utility described above.

Wireless
The iPhone now supports the following wireless security protocols:

- WEP
- WPA Personal
- WPA Enterprise
- WPA2 Personal
- WPA2 Enterprise

It also supports the following 802.1x authentication protocols:

- EAP-TLS
- EAP-TTLS
- EAP-FAST
- PEAPv0 (EAP-MSCHAPv2)
- PEAPv1 (EAP-GTC)
- LEAP

All of these can be setup with an configuration profile and applied using the Configuration utility over email or the web.

IMAP Mail
For organisations not using Exchange the iPhone provides support for IMAP so should be able to access more or less any email system that allows it.  Within this is support for encryption and X.509 root certificates. 

There also appears to be some support for enterprise application distribution, but I’ve not found too much info about that yet so will probably add some more info on this later.

Overall I think apple has done a good job here.  It’s hard to say for sure without having an iPhone to test with, but for now it looks like it supports most of the things we currently look to do with our Windows Smartphones.  Perhaps its not quite as much as we’d look to do if implementing something like Mobile Device Manager or B2M’s mProdigy, and I’d like to see support for data encryption, but it’s a great start an should make the lives of Enterprise IT departments quite a bit easier.  They might not become preferred device’ within companies, but there’s certainly no major reasons why they shouldn’t exist happily within the Enterprise any more.

The big question for me at the moment is how O2 will see them to business customers and what costs will be involved - especially for customers with existing contracts and data agreements.