Apple

Security on mobile devices is both simpler and trickier than security on desktops. For starters, there’s a much greater possibility of either loss or theft of the device, the trick is whether you can still manage to secure the data on it despite that fact.

It seems the US Department of Defense is getting ready to give approval for some use of iPad and iPhones by its employees (as well as some other devices), which would seem to imply that they feel reasonably confident that some smartphones have reached that point. Most companies won’t have quite as much of a pressing need to secure data as the DoD, as it’s generally the company’s reputation rather than lives they’re protecting. Nevertheless, their actions can still serve as a good bellwether for the state of security. If something is good enough for a government agency charged with defense, it should be good enough for company that “only” protects customer information.

The developers of iOS have done a really remarkable job of locking down the OS. It wouldn’t be such an event for a new Jailbreak tool to be released, if that was not the case. They’ve put a lot of “blast shields” in place that limit the damage any one exploit can do, which means that rooting the device requires chaining a series of vulnerabilities together. And these vulnerabilities seem to be a little more difficult to find with each new version. Not impossible, still, but the bar is set quite high for both the skill level and time required.

This strikes me as a good sign for mobile device developers taking security more seriously. For most companies, if you can hammer out the specifics in a policy that makes sense both for the company and employees, letting them use their own devices can genuinely be a reasonable option in some cases.

holding iPhone photo credit: Steve Rhodes via photopin cc