iOS Security and Enterprise Mobility Management

Are Apple devices really more secure?

Ashish Shah, Senior Solution Architect, Dasher Technologies

According to Statista, nearly half of all U.S. smartphone users in 2018 used an Apple iPhone. While the Android operating system (OS) tops the smartphone market, the iOS-powered iPhone is the top-selling individual phone of any kind in the country.

iPhones are typically more expensive than Android variants, but they’ve earned a devoted following from users fond of their intuitive design and ease of use. iPhones have also developed a reputation for malware resistance and stronger security than other smartphones, owing to Apple’s tightly controlled walled garden development and application management strategy.

When compared to Android, Apple iOS devices are very secure. Apple requires developers to sandbox all apps and only allows approved apps in its App Store. However, contrary to popular belief, iOS devices are not impenetrable. For example, the Department of Homeland Security was able to break into iPhones and exploit weaknesses to circumvent iOS encryption. Additionally, fake iOS apps have been deployed to trick users and steal private personal data.

But it remains true that the average iPhone user will likely never experience malware. iOS has rock-solid protections in place that make it a difficult target, and when vulnerabilities have surfaced in the past, Apple is typically quick to patch them. With a little common sense, iPhone users should never get a virus.

The same cannot be said for most enterprises.

Security, Shadow IT, and Enterprise Mobility Management (EMM)

The ubiquity of smartphones and the bustling app marketplaces that feed them with functionality have complicated enterprise network security for everyone. We’ve all had to adapt to its impact on workplace IT policy — from bring your own device (BYOD), to choose your own device (CYOD), personally owned, company enabled (POCE), corporate owned, personally enabled (COPE). Ongoing integration of smartphone technology and mobile application usage are now common business concerns, and secure Enterprise Mobility Management (EMM) has joined the list of IT’s duties.

Even proactive IT departments can face an uphill battle trying to secure enterprise networks while accommodating employee fondness for smartphones and novel applications in the workplace. Unsanctioned use of personal devices and apps can lead to breaches or confidential company data exposure. A recent Computerworld article noted: “There are some applications employees just won’t live without. For example, over half of deskless workers use messaging apps like WhatsApp and Messenger for work-related activity on a daily basis, but less than one in five (16%) of them had informed HR of this use.”

Cybersecurity is arguably the most critical challenge faced by modern IT.

This is the world of Shadow IT, where digitally savvy employees adopt their choice of tools and apps for work without company oversight. Smart enterprises confront it with integrated security threat prevention in the form of firewalls, Mobile Device Management (MDM), sandboxing and tiered network access layers, secure guest portals, authentication and file-sharing controls, and a host of other automated security provisions.

Security threat prevention also involves consistently communicating best practices to the entire enterprise to establish broad end-user security awareness. IT has to make it personal.

Smartphone Security Awareness

Smartphone security and data protection starts understanding the personal implications of the permissions commonly granted to apps and mobile devices for convenience.

Those familiar requests to share all data fields and allow access to contacts when downloading a new app? That means everything in your contact list — from names, email addresses, phone numbers, birthdays, and home addresses — is uploaded to the app developers’ servers. Who knows what those developers do with that information at that point?

Emerging smartphone features such as “Face ID” can store enormous amounts of personal information (much more than a mere six-digit passcode can). New features mean new privacy concerns, regardless of how secure the actual operating system code is.

There’s also the practice of “jailbreaking,” as in deliberately changing iPhone software to remove the restrictions required by Apple, so users can tweak the OS in ways not normally possible. While this gives the user more tools to play with, it also greatly increases their vulnerability to attacks. With fewer of Apple’s protections in place, a jailbroken iPhone user could run infected apps or fall victim to otherwise blocked attacks.

Whether it’s iPhones or any other mobile device used personally or in the enterprise, good security tips include:

  • Use caution when opening attachments or URLs from unknown people and alert IT to suspicious senders.
  • Don’t jailbreak your device.
  • Always keep your device updated with the latest patches.
  • Enable two-factor authentication.
  • Turn on “Find My iPhone” or “Find My Device” features to safeguard data by enabling remote wipe.
  • Install only trusted apps from reputable app stores.

To learn more about how Dasher can help you securely manage and grow your IT environment, please email [email protected].