Apple's iOS 7 gives security pros a lot to like

Fingerprint reading isn't the only sign that Apple is upping the ante in mobile security. It's new operating system is full of goodies that should boost its security appeal in the enterprise.

"Before iOS 7, Apple already had a secure operating system, with many options available to enterprises to lock them down," said SilverSky CTO Andrew Jaquith.

"Only the BlackBerry had more options," Jaquith said. "With iOS 7, companies will find many of their remaining needs addressed. It's clear that Apple is listening to their enterprise customers."

Following the security lead of BlackBerry, and Samsung with its Knox platform, Apple has added features to help segregate personal from professional information on a device.

"They are doing this with a few different features, including restricting company apps from talking to personal apps, as well as offering a per-app VPN. which can selectively route only enterprise traffic," said Jonathan Dale, marketing director of Fiberlink..

"In my opinion, Apple appears to have significantly improved the controls which help separate work and personal information," Dale said. "Users and companies should feel more secure that their data will not go to unintended places."

The new iOS also has better support for Mobile Device Management (MDM) systems. The potential lag between initializing a device on the network and enrolling it in an MDM. Now the two tasks can rolled into one for more efficient and easier operation.

"There will be more mobile security policies available to lock down devices," SilverSky's Jaquith said.

"These include additional options for restricting Siri, AirDrop file sharing, and which apps can open particular files and attachments," he said. "Admins should be able to restrict documents in company email, for example, from being opened in DropBox."

Apple has also enhanced containerization in the OS. Its "Open In" management separates personal and corporate data so business content will be opened only in specific apps approved by the enterprise.

"Single Signon" is another attractive security feature of the new iOS. It allows a device to communicate with the backend of a system without each of its apps generating usernames and passwords for themselves. "It makes things much easier for the end user," PJ Gupta, CEO of Amtel, said in an interview.

Senthil Krishnapillai, head of mobile security for SAP, told CSOonline: "It tremendously improves the usability of the application, and combined with fingerprint reading, it gives you true two-factor authentication."

[Also see: Apple's iPhone 5S presents more questions than answers for businesses]

With the new iOS, Apple is also giving administrators the power to reuse app licenses. Prior to iOS 7, when an app was issued to an employee, its license stayed with the employee. Now that license can be recovered by the organization. "There was no way to reclaim the license," Fiberlink's Dale said. "It was a big deal because it was a big pain."

Gupta noted that Apple has also modified the application lock feature in the new iOS. Prior to iOS 7, if a phone was lost or stolen, whoever recovered the handset may not be able to get past the application lock to access the phone's data, but they could do a system reset and use the phone as their own.

That can't be done with iOS 7. If the application lock is activated, a system reset won't allow the phone to be reused. "It becomes a brick," Gupta said.

With its new security features, iOS is keeping pace with security stalwart BlackBerry, and Samsung's Knox security platform. "With the introduction of Knox, Apple has had to play catchup with Samsung in the enterprise market," Gupta said.

However, SAP's Krishnapillai said that because of the way the Android ecosystem works, Apple has a leg up on Samsung. Knox is limited to a specific model of Samsung phone.

"Developers writing for Knox have to make an app for Knox and one for the rest of the Android market," Krishnapillai said. "App developers for iOS only have to write for iOS."

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Appleios 7applicationssecuritymobile securitysoftwareData Protection | Wirelessdata protection

More about AmtelAndrew Corporation (Australia)AppleBlackBerrySamsungSAP Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place