DOC RABE Media - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

IT pros confident in Apple iOS data protection, encryption

Apple's enterprise security features draw praise from IT pros who say iOS data protection and encryption make the operating system a strong business platform.

Apple iOS data protection technology is a tough nut to crack, according to IT professionals who cite its wide range of capabilities.

Apple's iOS encryption has been a major topic of conversation lately, in light of the dispute between Apple and the FBI. Citing its pledge to protect all users' privacy, Apple refused to help the FBI hack into the iPhone of one of the shooters in December's San Bernardino, Calif. terrorist attack. In the eyes of many IT professionals, Apple's handling of the situation confirmed their confidence in iOS as a secure, enterprise-grade platform. 

"That is more powerful than any encryption," said Dominic Namnath, CIO at Tri-Counties Regional Center, a nonprofit organization based in Santa Barbara, Calif. "The IT industry values that commitment. That's the biggest benefit to iOS."

All iOS devices have built-in encryption mechanisms in both the hardware and firmware to secure user data. Apple's iOS data protection follows Advanced Encryption Standards (AES), which even the U.S. government uses to protect classified information. Because iOS encryption scrambles data  when the device is locked, nobody -- from a hacker to the FBI -- can read it, even if they were able to enter the phone without the password through jailbreaking software or other means. And the device will disable itself if someone enters an incorrect password too many times in a row.

Apple ramps up security

Early on, iOS was not viewed as a secure platform, but that changed after the release of iOS 4 in 2010, said Michael Finneran, principal analyst at dBrn Associates in Hewlett Neck, N.Y. In that update, Apple opened its APIs to allow for third-party mobile device management (MDM).

Everyone downplays Touch ID, but it's probably one of the biggest things that ever happened to mobile security.
Michael Finneranprincipal analyst, dBrn Associates

"That was the turning point," Finneran said. "We haven't had any concerns about the iPhone in years ... and they keep making it better. Apple has made it clear it is not slowing down."

In the most recent version, iOS 9, Apple extended the length of device passcodes from four to six digits, which improved secure authentication, said Matt Kosht, an IT director at a utility company in Alaska.

"Apple's ... always feverishly working to close any loophole," he said. "It takes security seriously, which is where enterprises are concerned the most."

Apple's Touch ID, which allows users to authenticate via a fingerprint, is another key iOS data protection feature. Prior to Touch ID, which debuted on the iPhone 5s in 2013, many users opted not to use passcodes, which threatened security, said Michael Oh, managing CTO and founder at TSP LLC, an Apple reseller based in Boston. But with Touch ID and a six-digit passcode, if an iPhone or iPad is lost or stolen, it's extremely difficult for someone other than the owner to access its data.

Apple also opened the Touch ID APIs to third-party apps in 2014.

"Everyone downplays Touch ID, but it's probably one of the biggest things that ever happened to mobile security," Finneran said.

Another feature, per-app VPN, differentiates the network paths for corporate and personal data. IT can configure specific apps to have VPN access and restrict others.

"In the early days of iOS, you had to add extra security on the device, but now the apps are very isolated from each other out of the box," Kosht said.

Still, there is one built-in iOS feature that makes some IT pros nervous: iCloud, Apple's cloud storage service, which offers automatic backups of device data and settings.

"iCloud ... is probably the thing Apple could spend more time on," Kosht said.

An iOS device that automatically backs up corporate data to iCloud could raise concerns around data leakage and regulatory compliance. In addition, hackers could gain access to iCloud accounts without even accessing a device.

Next Steps

How iOS fits into the enterprise

Fight against the Masque attack on iOS

Explore iPad MDM

Read up on the SAP-Apple iOS development partnership

Dig Deeper on Apple iOS in the enterprise

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What are your thoughts on the Apple-FBI feud?
In my opinion if the FBI went through the proper channels, obtained a search warrant and asked Apple to unlock this one  phone, there should not have been an issue. Could Apple have been charged with withholding evidence?  If the FBI was looking to get the code to unlock the phone and any future phones, that's where I have an issue. It should be on a phone by phone basis. Another thing is the owner of the phone was dead were they not ?
I consider Apple to be on the wrong side of this particular situation.  The issue of personal privacy is not an issue because the phone did not belong to the shooter.  It belonged to the government agency for which he worked.  Therefore the phone and everything on it belonged to the government.  His employer has the right to say if the phone should be cracked or not.  I believe it is the policy of every company or government agency to reserve the right to access any company device provided for its employees.  There should be no expectation of personal privacy when using a company/government owned device. 
How many lives are you willing to trade for all that privacy...? Because that's what it comes down to - your data or your life. Except it would be someone else's life you're gambling with. In the end, there's little joy in announcing "all those people died, but my data is safe...."
Apple IOS is the most insecure app in 2015/2016 with the most vulnerable platform.
It has 857 vulnerabilities publicly published.
2015 had iOS at number one sport for CVEs. You don't want number one on this list, it is usually reserved for Adobe Flashplayer or perhaps Java. But iOS was 1, OS X was 2 and Abode Flashplayer relegated to 3.

So, iOS is secure? I don't think so. But that doesn't mean it won't get there, it isn't there yet though and mistakes keep happening with every update to iOS, so perhaps it is a battle that will never be won -- Apple care more about profits than CVEs it seems.
Be very careful of how tight you want all that so-called "security". There are real lives at stake and data encryption needs to balance privacy against safety. This is not simple - there are many options between YES and NO.