Security on your iOS Device

Posted on

A lot has been said about the iPhone and iPad.  It's great, magical, revolutionary, and cool.  But not a lot of people are aware of the security features that come with an iOS device, and it's a shame.  IT departments tend to panic when they don't know about the necessary security measures needed when such devices start showing up.  Here are a couple of things that I would recommend to any user, particularly if you are going to start using your iOS device in a business setting.

Set a Passcode:  This is so simple, and often overlooked because of the potential for inconvenience.  In particular, if you let your kids use your iOS device without unlocking it first.  But there are huge benefits.  You have secure access to your device, and if it fails too many times it can wipe the data from the device to protect your privacy.  How do you do it?  Easy!  Go to your Settings app, and then in General, click Passcode Lock.  Then select Turn Passcode On.  You can change your passcode, set it here, have a simple passcode (four digits) or a more complex alphanumeric passcode.  Then, you can turn on Erase Data.  This will wipe your data after 10 failed tries. CAUTION:  If you have kids that play with your iOS device, they may try to get access to it several times, and could get to that 10 failed threshold.  So keep track of your device.

Be Aware Of Your Network:  Unbeknownst to many users out there, the wireless network in your local coffee house may not be completely safe.  It's possible someone could be hijacking your information.  Check which network you are using in your Settings, and be sure to always connect to your email through a secured connection (most use SSL to encrypt your connection to your mail, as Google Mail does).  Not sure if you are connected through SSL?  Check with your mail provider.  And never, EVER, send any sensitive data through email.  It's not an envelope, it's a post card.  ANYONE can read it!

Use MobileMe Where Is My iPhone:  It's free now, as of iOS 4.2, and definitely worth it.  You can track your iOS device based on your iTunes account information using GPS.  A really cool example was used in the BBC show "Sherlock".  That way, should your iPhone get stolen, or your iPad, you can track it's location.  Definitely worth the 10 minutes to set it up.  And where do you set it up?  In your Mail, Contacts and Calendars (it is part of MobileMe, remember).  Just add a MobileMe account, and select Find My iPhone (or iPad).  Then using either the Find My iPhone app, or the web ( if you are at a desktop computer, you can locate your device, display a message or a loud annoying sound, remotely lock the phone, or even remotely wipe the phone.

Physical Security:  Nothing works better to secure your iOS device than keeping it locked when not in use.  And I don't mean locking the screen, but locking the device physically in a drawer or office.  For my iPhone, I keep it in my front pocket (where I would definitely notice if someone was reaching for it).  For my iPad, I tend to keep it either locked in a drawer, in my office, or in my bag and I carry my bad with me.  The minute you leave it down somewhere, it could be the last time you see it.  Always be sure you get in the habit of putting your iOS device (or laptop for that matter) away.  Cubicles are not safe, as anyone can take anything left out.  Use a key.

Don't Jailbreak The iPhone: Okay, I know it's cool, and I know it gives you the feeling that you are "sticking it to the man" and going your own way, but think about this:  There could be a VERY good reason why a lot of those apps only available to a Jailbroken phone are not in the App Store.  One is that some have been proven to carry data mining information.  What, you say?  Someone would do such a thing?  Ask the 50,000 plus estimated Android users that used one of 50 apps that did that very thing for them.  Yes, people do that, and yes, they can do it on any platform that is left open and has no security safeguards.  Apple has intentional sandboxing of apps to keep data secure to the individual app and not share anything across the board.  Now, that being said, if you are dead set on Jailbreaking your phone, then you are on your own. I'm not your mom, and I can't tell you what to do with your life. But don't say I didn't warn you.   And if I were corporate IT, I would make it a serious breach of company policy to have ANY jailbroken iOS devices in my DMZ.

So those are a few suggestions that I would give.  There are a number of corporate solutions that Apple provides through it's iPhone Configuration Utility and various Mobile Device Management server partnerships, but that would be a subject for another post.  These suggestions are general ones that should work for any user.  Does anyone else have any suggestions or comments they would like to pass on?