Would you like to use iOS mobile devices in your company or are you already using iPhones and iPads in your company? Find out what the strengths of iOS are in terms of IT security, what risks exist when using Apple mobile devices in the company and how you can optimally secure your iPhone and iPad.
iOS vs. Android security: what you need to know
According to Apple, security is at the heart of the iOS platform. Software, hardware and other services are coordinated in such a way that they guarantee maximum security for the user and are easy to use at the same time. Google’s mobile operating system, on the other hand, runs on mobile devices from different manufacturers who customize the operating system.
In contrast to Android, the iOS system is a closed and therefore standardized system. This means that iOS mobile devices only work with Apple software. The iOS source code is also not published. Users cannot change the code themselves, which also contributes to iOS security. System updates are also reliably made available for older devices. This is another major difference to Android, as Google does not provide updates for all devices, and older devices in particular often run on insecure Android versions.
Apple also attaches great importance to data and device security. Data is encrypted on the devices and during transmission and cannot be viewed by Apple. In addition to passwords, biometric methods such as Face ID and Touch ID are used to unlock and secure devices and apps. Even though Apple collects a lot of data from its iOS users, Apple’s business model is not based on the storage and use of customer data, unlike Google.
Finally, app security also plays an important role. All apps in the app store are strictly checked and tested before they are published. It is much more difficult for attackers to get an app into the App Store than into Google’s Play Store. For example, Apple checks the identity of every app developer who wants to publish an app in the App Store.
Summary: In a direct comparison with Android, iOS is the more secure mobile operating system, but it is also more restrictive for users. For more information on how you can still use Android mobile devices securely in your company, read the blog article Android Security.
What security risks are there under iOS?
It is generally more difficult for attackers to exploit iOS vulnerabilities, for example to gain access to a company network or intercept company data. However, difficult does not mean impossible. Attackers are always able to find security vulnerabilities.
General mobile risks such as phishing and spam also exist on iPhones and iPads, and malware can also be infiltrated via iOS devices. However, the number of attacks is lower compared to Android. In addition, attacks at root level, i.e. at system level, are much more difficult to carry out.
Rooting or jailbreaking, as it is called on iOS devices, is another risk factor. With a jailbreak, the user or attacker expands their rights and gains access to all areas of the operating system and device that are actually locked. As a result, protective measures can be bypassed and malware, Trojans and the like can be installed on the device relatively easily or even attacks can be carried out at root level.
Even though apps are always rigorously checked before they enter the Apple App Store, they can still be a risk factor. Apps are separated from each other on iOS devices by so-called sandboxing. Each app runs in a secure environment (= sandbox). This also applies to security apps such as virus scanners, which therefore have no rights under iOS to detect malware in apps or on the operating system. This makes it difficult for the IT department to detect malware and take action against it.
WhatsApp and co. on iOS devices
In addition to the technical risks, there are also legal risks if business data ends up in private apps. According to the GDPR, business and private data must be kept strictly separate on mobile devices. However, apps such as WhatsApp or Facebook Messenger, for example, access all contact data – regardless of whether it is private or business data – unless additional security settings are made.
Easily secure iOS mobile devices
How can iOS devices still be used securely in the company and how can technical and legal risks be minimized? The simplest and most secure solution is a container app.
What does a container app do?
A container app creates a secure area on the iPhone or iPad. All company data within the container cannot be viewed or accessed by other apps. This means that your company data is secure on iOS devices, regardless of which other apps are on the device or what your employees do with the iPhone or iPad.
Mobile working is easy with the SecurePIM container app. All functionalities for mobile working are available to your employees within the container. This includes emails, contacts, calendars, notes, tasks, documents, a browser and a secure camera. At the same time, they don’t have to worry about security and encryption, as this runs in the background.
The advantages of SecurePIM at a glance:
- BSI-approved solution
Developed in Germany and under German data protection standards. - State-of-the-art encryption standards
During storage on the iOS device and during transmission. - Maximum security even if a device is lost
Delete your company data remotely. - Jailbreak detection
It is possible to prevent access to iPhones or iPads that have been jailbroken via the associated management portal. - GDPR-compliant
Unlike mobile device management solutions, SecurePIM is 100% data protection and GDPR-compliant. Your employees’ private data cannot be viewed outside the app, and business and private data are clearly separated from each other. - High usability
Your employees can use iPhone and iPad without restrictions. SecurePIM is also adapted to the native iOS apps and can therefore be used immediately without the need for training.