We cannot obtain iPhones in my work environment due to "the whole music management problem on servers." Our management is concerned about users putting MP3 files on their laptops or on a server filesystem. After reading Apple's iPhone Enterprise Deployment Guide, it seems the only portions of ITunes that can be restricted are the same things the "Parental Controls" choices give you.
Is there any alternative here? Any better means to support the iPhone in a corporate environment that may not require ITunes?
We have iPhones deployed to 90+% of our employees. We allowed users to use iTunes for music before they had iPhones, and we continue to allow them to use it now.
To relieve the burden of storing and backing up their music collection on our networked filesystems, we simply redirect the iTunes library to their local machine's hard drive with no encryption or backup. On Mac OS X workstations, we use MCX Redirection to specify this. On linux you can do it manually with symlinks and some scripting. I'm sure there's a way to do it on Windows fairly easily too.
You really only need iTunes for activating the iPhone, but I'm guessing the concern is what will prevent the users from attaching their iPhone to iTunes at home an loading it up with music. If you block iTunes (or more so the access to iTunes) at the office, there would probably be little risk of a user saving music on their workstation or file servers (there are lots of tools for filtering media files on file servers). Of course there are other issues that can arise from someone installing hardcore rap (or Brian Adams) music on their (actually a corporate asset) iPhone, and possible offending other employees.
I'm really not sure what options you have, as I'm not aware of there being any security policies (I don't believe iPhone has that capability) that you can apply to an iPhone (like a Blackberry/BES solutions). Perhaps Apple or a third party vendor will put something together, but then I'm not sure if that's really a direction Apple wants to go with the iPhone.
I would pursue a well written usage policy with your IT/Corporate security. It's not perfect, but at least you can get an employee to agree (in writing) not to load the phone up with music or unsupported apps under penalty of termination.
Just my 2 cents.
There's an Apple-provided iPhone enterprise configuration utility described and available here, this seems to provide a lot of options for configuring your iPhones for enterprise, although the documentation doesn't mention anything about being able to do exactly what you want.
The iTunes restrictions which are apparently available described in this PDF, I tried to copy-and-paste them here but the PDF messed the text up...
We got iPhones for our users this past summer after a lot of debate.. in the end we were told by the President that that is what we were getting and to make it work :) We don't allow iTunes on the network (outside of IT for updating purposes) - it's blocked by our webfilter, plus the users don't have admin rights on their machines, so they can't install it. I tried the iPhone policy that Apple provided, but it didn't always apply the same across the board, so we ditched it and just use the built in exchange mobile policy for password and screen lock enforcement and it works well. The users have a general list of do and don't installs (ie: you can't install bump, or any other apps that might allow the contacts to be removed from the phone), and our general use policy which covers internet use, etc., applies to the phones. Each time there is an update to the phone (which seems to be monthly thus far) the phones are turned in for updates as well as audits for things we don't want on them. If something is there, it's removed and the user is warned, eventually they will either lose the right to the phone or be dismissed. So far, it's been working well, no problems or incidences yet. HTH...