Nonprofit releases security configuration standards for iPhone

Share this article:
For the first time, enterprises can apply security configuration best practices to Apple iPhones being used by their employees.

The nonprofit Center for Internet Security (CIS) this week released free guidelines that can help organizations develop custom policies related to use of the increasingly popular mobile device, said Blake Frantz, CTO of the CIS. The benchmarks inform users about the security configuration settings available to them on the iPhone. For example, the standards explain how to make adjustments to protect data and deter potential attacks, such as disabling Bluetooth or JavaScript, or creating a strong password policy.

Frantz told SCMagazineUS.com on Friday that feedback from the CIS' 150 members showed that there was a need for iPhone security standards.

"It's going to have your organization's confidential information on it," he said. "We want to equip organizations with some best practices that that information remains confidential."

The guidance arrive at a time when businesses are facing increased pressure to manage their employees' smartphones. A recent Osterman Research study, sponsored by Zenprise, provider of mobile management solutions, reported that the percentage of North American workers issued mobile devices by their employers will double from 23 percent last year to 46 percent in 2011. Other studies have said the number of iPhones in use in the enterprise will triple between now and 2011.

CIS this week also released "agnostic" configuration standards around securing multifunction devices, such as printers, fax machines, scanners and copiers. Frantz said these devices, which contain operating systems and often connect to the company's network, are becoming more frequently targeted.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Skills in demand: Communications and messaging experts

Skills in demand: Communications and messaging experts

The demand for infosec-focused communications and messaging pros is growing.

Company news: New execs at Malwarebytes and an acquisition by VMware

The latest mergers and acquisitions and personnel moves, including Malwarebytes, Abacus Group, VMware, Bay Dynamics, vArmour, Secunia, Norse and more.

Bridging the talent gap in health care

Bridging the talent gap in health care

Cybercriminals are primarily after patient data as it really gets them more money.