iPhone 4 email encryption

I have a nice new iPhone 4. I can use it for my work calendar, but not my work email. The reason why is because I work for a medical company and email is very protected.

I have heard that the encryption that comes with the iPhone 3GS is laughable for real enterprise use.

Did it get any better with the iPhone 4? Or is that just an OS based thing?

If it is iron clad safe then I might be able to convince my company to let me get emails on my device.

Solution 1:

The article cited in your question is from before iOS 4 started using "Data Protection, which is Apple's term for creating an encryption key based on the users lock code or password. Basically the hardware encryption is used, but only accessable after a user has created an encryption key (which is based on the entered Passcode), and as soon as the phone is locked or turned off, the key is erased.

The problem is that apps are only going to encrypt data if they utilize the Data Protection API, which the Mail app does: http://support.apple.com/kb/HT4175

It's also what setup the groundwork for the remote wipe feature, which destroys the Key as well. source

Solution 2:

iOS 4 strengthened the enterprise security features. If you want to encrypt your profiles, install them after a secure wipe, require VPN to the mail server (or to everything for logging and extra security) and lock down the devices, it's pretty easy to satisfy the most privacy minded companies.

The enterprise developer program is opened up and has tons of resources including code examples on how to build, sign, encrypt and deploy proprietary apps if you are worried about the default mail app which is locked down quite well these days.

Once the devices are locked, it's not easy to get them and Apple's track record of patching holes like the one you listed over the past 4 years is fairly aggressive.

Whether your company has the inclination to learn about, deploy, test and use these tools is something I'll leave up to you.