Apple recently released a documented called “iOS Security May 2012“.
Whilst this is only a short (20 page) PDF document, it is quite detailed and informative.
Within the document, Apple detail how they have implemented a number of security technologies within the iOS platform used on the iPod Touch, iPhone and iPad without compromising the user experience.
To quote from the introduction:
This document provides details about how security technology and features are implemented within the iOS platform. It also outlines key elements that organizations should understand when evaluating or deploying iOS devices on their networks.
The document goes on to cover a number of areas in more detail:
- System architecture
- Secure Boot Chain
- System Software Personalisation
- App Code Signing
- Runtime Process Security
- Encryption and Data Protection
- Hardware Security Features
- File Data Protection
- Keychain Data Protection
- Network security
- SSL, TLS
- Device access
- Passcode Protection
- Configuration Enforcement
- Mobile Device Management
- Device Restrictions
- Remote Wipe
I believe that the Encryption and Data Protection section will be of interest in relation to the use of iOS with other technologies such as SharePoint to understand how data that is referenced from SharePoint is protected within iOS.
Also, the Network Security section provides information about how security measures can be used to safeguard information from SharePoint as it is transmitted to and from an iOS device.
The document concludes with a written commitment from Apple to security. Apple encourages businesses to:
…review their IT and security policies to ensure they are taking full advantage of the layers of security technology and features offered by the iOS platform.
This document could also be used as further reference material alongside the DSD Hardening Configuration Guide for iOS 5.1 that I have covered previously.Back to top