As John Chirapurath, director of Microsoft's identity and security division explained to me, Microsoft is focusing on identity management in response to the exponential rise in malicious code attacking corporate firewalls. Rather than trying to block specific attacks, Microsoft's new security strategy is predicated on identifying approved users and granting permissions based on their roles, using previously established IDs and passwords to "understand who you are and what you're allowed to do." Microsoft used this approach in designing email security application Microsoft Forefront Security for Exchange.
Ironically, making it easier for IT administrators to manage email security also helps individual employees get Apple products in the door. This hasn't gone unnoticed by Apple, which this week introduced technology that makes it possible for its customers to receive corporate email via Microsoft's Exchange server.
AppleBlog's Weldon Dodd claims that support for Exchange will do more to help Apple penetrate the workplace than "Intel processors, Active Directory integration, virtualization, and the iPhone have accomplished in the last several years."
Apple's features for Exchange have even outdone Microsoft in some respects, for instance by allowing Mac users to create meeting invitations by dragging contacts into a calendar appointment, something that can't be done using Microsoft Outlook.
Apple also introduced other security features, like encryption and the ability to erase phone contents remotely to protect enterprise data when a phone is lost or stolen. Ed Laczynski, CTO of technology services vendor LTech, told me today that "remote wipe looks like an enterprise play to me. It tells you where they see themselves vis-a-vis BlackBerry," he said.
The company also introduced a whole raft of other features intended to make Apple a mainstay of corporate IT departments. According to Mitch Wagner, "the biggest enterprise boost came for the new server version of Snow Leopard," running at twice the speed of its predecessor, and Mobile Access Server
to allow enterprises to provide their users with secure access to firewall-protected network services for iPhones and Macs.... [including] strong encryption and authentication between the user's iPhone or Mac and a private network.This isn't going to happen overnight -- and I don't think Apple thinks it will either -- but Apple is putting pieces in place today for the day when enterprise computing completes its tectonic shift from desktop equipment loaded with applications served from behind the corporate firewall to mobile devices with applications downloaded from the Internet.
If there's any doubt of Apple's intentions, just note what Apple vice president of software technology Guy "Bud" Tribble told a hall packed with developers: "The Mac is a great deal that fits in anywhere, and by anywhere I mean the office environment."
Once employees have begun using Web-based applications as a matter of course, for tasks like word processing and managing their customer accounts, Apple will be in position to relegate Microsoft it to the second-class status Apple currently occupies in the enterprise IT pecking order.