Security Hardening iPhones and iPads

Entrust CTO

Blogmaster Note: This was originally posted on April 12,  2012 to ComputerWorld UK’s Security Spotlight Blog.

BYOD, or “Bring Your Own Device” is one of the IT trends that I’m sure you know about, if not by that name. Driven by the users themselves, who go out and get cool new kit — iOS, Android, their own BlackBerries, and so on. They like these new devices, find that the devices make themselves more productive, and then they get it into their heads that they want to do work on them.

IT departments like control, and people bringing in their own devices isn’t control. There are tussles, and these tussles usually end when the boss is the person bringing in their own device.

A high-profile version of this is now three years old, when US President Barack Obama decided that he really liked his BlackBerry. The US government came up with a solution, but made sure that he had “no fun” with the device, and only ten people are authorized to send him a message.

Then Australian Prime Minister Julia Gillard decided that she wanted an iPad and sent her government scrambling, and they came up with an answer for her.

So far, so good. But even better, Australia’s Defense Signals Directorate has released a guide on how to harden an iOS device. It’s a fantastic document, whether you’re an iOS user or an IT person looking at how to properly support your own people using iOS.

It’s not the only hardening guide out there. The US NSA’s Information Assurance Directorate has guides for securing Windows, Mac OS X, Linux, and Solaris. CESG has its own guides, but they’re not general purpose, and are themselves restricted.

The new DSD guide for iOS is a good document for describing security for iOS in general, and how to manage devices whether you’re an individual or IT person. iOS has many security features that can be turned on with Apple’s free add-on tool, the iPhone Configuration Utility (available for Mac or Windows), and the DSD guide even covers those.

It’s good to see governments around the world leading the way to help all of us secure our devices.

Entrust CTO
Entrust CTO
Chief Technology Officer


Add to the Conversation