Good[tm] for iPhone

As I mentioned back in July we started an evaluation of Good on the iPhone.   We used Good in the bad old days of RIM’s patent fight.  Some executives stated they wanted a quick out plan in case RIM was forced to shut down.   I don’t think that was ever likely to happen.   It did allow us to bring in what was then the current top (gadget) fashion accessory.  A Palm Treo.   I think we had both the original palm operating system and a Windows Mobile version.   I really hated it.   It locked up often requiring a device reboot (pull the battery). 

As I understand it we were able to bring our Good license back up to date without much trouble.  So the remaining question is will the current gadget accessory, the iPhone, work well with Good.    Part of security is usability so this post will largely focus on Good’s usability.

For those not familiar, Good is installed as an application from the App store.   Once that is installed, it can be provisioned over the air just like the Blackberry.   No issue there.  

I’m sure you can find other places that do a blow-by-blow comparison of the policies available on a Blackberry versus Good.  I think it has the policies needed.  One issue we had for a bit was every time we exited Good even for a second, we’d have to reauthenticate when we returned to it.   It turned out we had the security policy a bit too tight.  The Good environment can be set to timeout after x minutes whether you have the app open or not.  

Good does not do S/MIME.   This really sucks.   This is on their roadmap for this year.   First being able to verify signatures and then later being able to encrypt/decrypt messages as well.   So they’ll be catching up with Blackberry.    I haven’t heard if Apple has any plans to support this natively on the phone.  I didn’t ask if PGP support was in the offering.  

There seems to be issues with HTML only emails.   I’ve had that issue with a couple of message where nothing displays.   To be fair we had an issue like that with the Blackberry.   If I recall correctly they hated Cyrillic characters.

I have not checked what attachments are supposed to be readable.   I had issues with a few docx files.  Yet when I sent myself a docx test file, it opened correctly.   There is a configuration to keep larger attachments (4 MB by default) from downloading to the device.

If you used Notes or Tasks in Outlook those items are not synced

There are a number of Good settings that aren’t supported on iOS 4 right now.   You are unable to deploy the iPhone configuration file using Good.   It’s a good idea to be able to refresh that configuration rather than just when the phone is new.  In Good’s compliance policy they have a section to force Good to close or wipe itself if it detects the phone is jailbroken.   If I understand a co-worker correctly, he was told by Good that feature doesn’t work on iOS4 either.  I haven’t gotten an answer on how Good tells its jailbroken.   It appears that its checking for installed software (and I’d need to supply the names of the apps to look for).

My only issue with Good and calendaring is the meeting reminders are worthless.  Seems like whether the app is unlocked or not, I get “good meeting reminder” then I have to open Good to see what the meeting was.   One of those security tradeoffs.   But a meeting title isn’t that secret to me.

Apparently delegation is not working.  My Director issued an invitation from Good to a Senior Manager.   The Admin Assistant was unable to accept on his behalf even though she had the correct Exchange rights.   I’m wondering if that is a Good configuration issue rather than something that would require a patch.   

Bottom Line
It’s a bit sad but Blackberry is no longer something they’d have to pry from my cold dead hands.   The Good application is more than acceptable usability and I think security too.   I probably check mail a bit less because it’s in a separate application but that can be a good thing.  The work/life balance can be improved if I’m not looking at work email every 5 minutes.

I’ve now heard question about allowing Good to be installed on personal iPhones.  Check out the Forrester article I linked to yesterday for some tips on policies to use in that event.  To a certain extent the flood gates are opened.   If Good is good enough for a corporate iPhone.  What about personal iPhones.  What about Android. 

I’d love to hear what other people do about a device pin/passcode versus a Good pin/passcode.   Some people feel with a strong passcode policy on the Good application no device passcode is necessary.   I’m not sure I agree with that.