http://www.juiceapac.com/solutions

Most enterprises should wait before broadly deploying and supporting the iPhone," writes Jack Gold, an analyst at J. Gold Associates in Northborough, Mass., in a newsletter published for clients and released today.

Gold listed several limitations, the most important being a lack of data encryption native to the device, which would make the data on the iPhone vulnerable if it is lost or stolen.

One large business beta tester of iPhone 2.0, who asked not to be named, said lack of native encryption and general security worries are so great with the device that any other concerns about functionality are secondary. However, the tester also said that Apple is shipping new builds of the iPhone 2.0 software nearly every week, and that improvements could be made before the iPhone's scheduled shipment on July 11.

Gold also described a lack of device management and end user policy settings to enable IT to manage the device, deliver applications and set policies, such as the ability to turn off the camera if required by company policy.

A concern raised by some IT managers who heard Monday's announcement about iPhone 3G was the lack of an over-the-air means to deploy enterprise applications.

Gold also mentioned this concern about application distribution and said that if an enterprise must deploy applications through the App Store, it would require the business to go through an Apple server "which is generally unacceptable for mission critical and/or proprietary apps." Apple said enterprises could also use iTunes through a workstation, meaning a wired connection to the iPhone would be required. But Gold said many businesses don't want to do that.

Other concerns that Gold raised include the absence of an Apple development environment in most businesses, which would require more staff; a lack of information about the device's durability and how much service will be required; lack of a removable battery, meaning heavy users might need a second one to get through a work day; and lack of instant messaging capability.

Having to commit the business to use only AT&T Inc. as the carrier could also be a problem, Gold said.

"It is highly unlikely iPhone can meet compliance standards for full security and audit trail in regulated industries," such as financial services, health care, government, retailing and legal services, he added.

Gold said the limitations means that businesses should deploy the iPhone 3G only as the exception, for example, for executives who demand it, and that IT staff will need to find add-on applications that make it secure. One example of how this might work is to deploy Sybase Information Anywhere software for e-mail deployments on iPhone, he said.

"IPhone will seep into the company, but will require special handling if it is not to represent a security and data protection risk," Gold said.

Ken Dulaney, an analyst at Gartner Inc., said earlier this week that because iPhone 3G and 2.0 software are unproven, businesses should provide iPhone access only to a limited set of applications, such as Exchange and Apple's e-mail client.

One of the new features announced by Apple CEO Steve Jobs on Monday, the ability to search iPhone e-mail for a sender's name, don't seem to be included in the iPhone 3G or 2.0 beta software, the beta tester added. Perhaps it will be ready by the time the product ships July 11, the tester said.