Good question. I lose a phone about twice a year.  :)

Can you password protect files on an iPhone like you can files on a computer?

I think this issue will become one of the keys to who wins the enterprise customer. As a lot more data goes on the device security is imperative.

you can't lock specific files on your phone, but you can put a "passcode" on the iphone. its a 4 digit number to unlock the phone. It's nice but annoying so most people turn it off.

Hmm, maybe that's an app that can be written. I know I would buy it.

Not really if it's needed though. About the only "files" you use on the iPhone are email attachments. I know you may use files in other apps, but I believe the iPhone doesn't an app to mess with a file that was created by another app. 

Yeah, that makes sense.

One thing most people don't know is that the passcode to the iPhone is configurable.  By default it is a 4-digit number.  You can change that to be something more secure, similar to a blackberry, to be alphanumeric and of any length.

 

As far as enterprises, they can control the security of an iPhone by being able to lock from there systems if something happens, preventing anything from being done on the phone until they unlock it again.  They can also wipe the device to prevent any attack attempts.  MobileMe can do some of that functionality but not all.  The iPhone is design as a serious competitor to the blackberry with enterprises and did a good job of that.

Hi Rbrandon,

 

Kudos to you for considering security on your handset.  It is often overlooked.

 

Hacking a phone is not exactly "easy".  Researchers have been advancing their understanding of the various security models on the platforms in the marketplace, but for now, there aren't really any attacks that affect all devices the same.  There are examples of single instance device vulnerabilities out there and in most instances those vulnerabilities have been addressed through software updates.

 

The far bigger area of concern for most users probably should be applications from appstores.  Just because someone is smart enough to write an application for a handset doesn't mean that they're trustworthy.  Users should have some understanding of how to tell whether an application might be dangerous for them.  You can do this by understanding your platform's prompting model.

 

Prompting informs you that an application is going to do something that might have privacy or billing ramifications.  For example, if the application is going to use the GPS radio to locate you, you will see some notification from the device  (either at installation or execution time, depending on the platform) informing you that this is the case.  When an application prompts you for permission, you should pay attention- your decision will have ramifications for your privacy.   Understanding application propmting should enable you to guage whether or not the fun little pacman game you downloaded isn't secretly stalking you.

 

Your device is trustworthy as long as you understand it's limitations and how it works.  Look into your device's platform to understand the security model. 

 

Here are some links to help you get a handle on the various security models for handsets:

 

Apple:

http://images.apple.com/iphone/business/docs/iPhone_Security.pdf

 

Blackberry:

http://docs.blackberry.com/en/smartphone_users/deliverables/14194/Security_features_763457_11.jsp

 

Windows Phone 7:

http://www.intomobile.com/2010/08/26/a-peek-at-windows-phone-7-security/

http://blogs.msdn.com/b/jaimer/archive/2010/04/30/windows-phone-capabilities-security-model.aspx

 

Android:

http://developer.android.com/guide/topics/security/security.html