iOS Security Tips, Part 2: What Companies Can Do
There are two sides to every story. And when it comes to using iOS devices for work, both employees and their employer’s IT decision-makers share responsibilities for keeping everything safe and secure.
We’ve already seen what employees can do to keep Apple iOS devices a bit more secure when we take them to work. Now it’s time to see what companies can be doing, as well.
The good news is that companies have many options when considering how to tighten controls around iPhones, iPads and iPod touches without negatively impacting mobile employee productivity. Here’s an initial look at some of the top things companies can do:
Prioritize upgrades to iOS7. The new version of the operating system, now available for download, includes a raft of new security features, including so-called “open-in” management that controls which apps employees may open and share files with. Automated third-party app encryption, tightened device-unlock access, per-app virtual private networking, and enhanced app deployment tools all make the new OS the most business-friendly version yet. As soon as it goes live, it’s a no-brainer for virtually all organizations to prioritize an app testing and upgrade cycle. If you’d like to learn a bit more about iOS7, we covered it in a recent post: IOS7 – What your IT department needs to know.
Tighten hardware controls. Highly sensitive, regulated or competitive industries like defence, healthcare or financial services may need to physically restrict certain device capabilities. iOS allows corporate IT to limit end-user access to specific apps (including the App Store), ban client-side app installations completely, disable cameras and microphones, and deactivate the screen capture feature. iOS also supports locked down profiles and long secure passwords instead of four-digit PINs. If you require maximum protection, consider activating these features.
Automate app installation and device management. While iOS’s built-in Configurator gives IT precise control over device profiles when new iPhones are issued, it requires a fair degree of manual setup. Automating the process via third-party apps from vendors can reduce the potential for error, reduce configuration effort and increase consistency in managing large fleets of devices.
Focus on iCloud. iCloud can potentially store sensitive corporate information on Apple’s cloud-based infrastructure. Companies should clarify differences between personal and corporate data by precisely defining use cases for each, and then ensure that sensitive corporate information isn’t synced to iCloud.
The bottom line
While iOS was initially built as a consumer-focused operating system, it has subsequently matured into an business-friendly offering with lots of built-in and third party configuration and management tools. And while employees certainly have a role to play in keeping apps, data and corporate infrastructure safe when using their iOS devices, corporate IT must also contribute to this security partnership with policies and device management best practices that balance the need to secure organizational data with end-user productivity and flexibility requirements.
What is your company doing to ensure iOS devices are as secure as they can possibly be? Tell us about it in the comments section.