IT professionals: what you need to know about iOS and Mac security and the enterprise

Jonathan Stewart
20 June, 2014
View more articles fromthe author
AAA
Security

iOS, security

Enterprise users beware. What do you need to know about Apple’s security? Find out here.

The iOS ecosystem is a sizeable player in the smartphone and tablet space. While not all iOS users are serious enterprise men and women, those in these vocations often seek iOS out.

A report from Dimensional Research in May, ‘Managing Apple Devices in the Enterprise’, surveyed 309 IT professionals to examine the impact of Apple’s growing presence in the IT space.

The Dimensional Research report found that 90 percent of businesses support Apple devices and 98 percent of IT professionals foreshadow a significant growth in business-related Apple devices over the next three years.

So what does that growth mean for businesses? From those surveyed, 20 percent expect that more staff will be hired to manage the increase and 40 percent stated they will receive a budget increase to accommodate the new devices.

The significant growth in Apple devices in the workspace has a number of IT professionals worried about their current resources, with 80 percent confirming that they aren’t confident in the device mobile solutions currently in place.

With the huge number of Apple devices that IT professionals are tasked to manage, over 60 percent of the Dimensional Research respondents look after over 100 devices and nearly 20 percent support over 1000 devices, and with the task expected to increase in the coming years, the job can be overwhelming.

So, what is Apple doing to help IT professionals and enterprise users protect business-minded users’ information? Here are three key pieces of information from Apple’s iOS Security whitepaper released this year that you should know.

1. Siri is tight-lipped 

Apple’s voice-activated assistant is a handy tool for a number of tasks, from logging in reminders to calculating the route to your next destination by speech, but some tasks are too complex for individual devices. Instead, it may communicate your demands back to Apple’s own servers to decipher.

While this allows Apple to update the service without issuing an iOS update to all users, it does mean Apple receives a recording of your voice, your location and your name in order to help Siri unlock what it is that you wanted. All of this information has to travel to Apple over the internet.

Apple aims to reduce the amount of information heading its way via progressive disclosure. This means Apple only receives information paramount to solving your request. For example, if Siri requires a more accurate location to gauge the weather around you, it will seek that additional information.

Any transcript or location information that Apple seeks from your device is discarded after 10 minutes, but recordings are kept for up to two years.

2. iMessage data encryption 

iMessage data, like many internet services, requires public-key cryptography to work.

How does it function? It uses two long numbers to decipher the data encrypted by the other. iOS creates two keys when you open iMessages, and passes one to Apple called the public key and locks one away on the device.

When a message is sent your way, Apple provides the sender with the public key, which the sender uses to encrypt the message for your device. The encrypted message is sent to Apple, which then sends it to your device.

The process means that iMessages are secure, except Apple could, in theory, gain access to the information on its messaging network via its public keys. This is very unlikely, however, and, if you trust Apple, you have nothing to worry about.

3. Secure chips

Apple’s top-end iPhone, the iPhone 5s, features an A7 chip with a special co-processor. The ‘secure enclave’, as Apple describes it, offers each iPhone 5s with a separated area of memory for secure matters. This secure memory holds the most sensitive information about a user, such as their fingerprints used for Touch ID.

During manufacture, Apple provides each smartphone with a unique serial number that even the company doesn’t know. This ‘enclave’ operates separately to the rest of the iPhone and cannot be accessed by anyone – hacker or Apple. Every time the device is rebooted, the access key changes.

 

But what else should you know?

Are you an IT professional searching for help in managing Apple devices in the enterprise?

If you want to learn more about Apple Native Security or read about the five things IT leaders should know about the new reality of Macs in business, two JAMF Software whitepapers are available to download below.

 

If you want to learn more about Apple Native Security or five things IT leaders should know about the new reality of Macs in business, two JAMF Software whitepapers are available to download below.

If you are interested in learning about the modern, mobile workforce or enterprise security with the Apple platform, click the link below to see the webinar of your choice.

 

 

 

 

 

Leave a Comment

Please keep your comments friendly on the topic.

Contact us