Apple publishes iOS security guide
Posted on 04 June 2012.
Apple has a reputation for being extremely reticent when it comes to discussing security in public - so much so that most of the security features their devices sport have been discovered by researchers via reverse-engineering.

Consequently, the news that the Cupertino-based giant has actually published an iOS security guide that details these features will surely surprise many.

Released last month, the guide explains the operating system's architecture, encryption, data protection, network security, and device access features, and finally confirms that iOS uses address space layout randomization to thwart malware and exploits.

It also explains the layered approach to security it implements, which includes sandboxing, code signing and entitlements in apps.

"Many security features are enabled by default, so IT departments donít need to perform extensive configurations. And some key features, like device encryption, are not configurable, so users cannot disable them by mistake. For organizations considering the security of iOS devices, it is helpful to understand how the built-in security features work together to provide a secure mobile computing platform." it is pointed out in the guide.

Also, as noted by researcher Charlie Miller, the guide was published in the "enterprise" side of Apple's site.

Taking all this into consideration, it seems likely that this highly unusual step was made in order to reassure enterprises that Apple's devices are a great fit for their businesses.

Or perhaps the recent incident with the Flashback malware and Apple's poor reaction to the situation has made the company reconsider their tight-lipped approach to informing its customers about possible dangers and security issues that might affect them.


More than a third of employees would sell company data

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 31st