Apple has released a document that examines the security technology and features implemented within iOS, the platform that operates the consumer market’s most successful line of mobile devices. While none of the information is new or unknown, the guide is noteworthy, if only because it offers an official basic list of best practices to organizations wishing to deploy Apple devices.
Apple isn’t known for discussing their security, so the guide released this week is a rarity. While the information within the guide itself isn’t new, it represents official conformation of the data that the security community has worked to develop and define over the years. It also offers a set of recommendations, what the guide calls key elements, which organizations should understand when evaluating or deploying iOS-based devices on their networks.
At the same time, Apple seems to dismiss the notion that such a guide is even needed.
“Apple designed the iOS platform with security at its core,” the guide explains. “The combination of required code signing, sandboxing, and entitlements in apps provides solid protection against viruses, malware, and other exploits that compromise the security of other platforms. The App Store submission process works to further protect users from these risks by reviewing every app before it’s made available for sale.”
The guide examines the various elements of the iOS platform, including the architecture (i.e. how the secure platform and hardware intermingle to offer one layer of security), as well as encryption and data protection, network security, and device access.
The key to deploying iOS within the corporate environment however, as explained by Apple, is to ensure that the security features within iOS align with IT and security policies and requirements.
While it may seem like Apple doesn’t feel a document of this type is needed, based on their statements and the fact it was published without fanfare, clearly they understand the value of layered security and the needs of their corporate clients. Thus, they have released official guidance and documentation.
Given the popularity of iOS, and the need to get a handle on mobile device management, the guide is worth reading, especially if mobile security is a mission critical requirement.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
