Apple’s new security features should help secure BYOD | SC Media
Mobile, Privacy

Apple’s new security features should help secure BYOD

September 10, 2015

Business that embrace bring your own device (BYOD) could gain from Apple's improved security features.

Apple's iOS 9 will include six-digit PIN codes as well as two-factor authentication, creating one million different PIN combinations, a far cry from the 10,000 combinations previously available using four-digit codes.

Those measures should offer relief for companies struggling to secure BYOD. An IBM study of one million BYOD and corporate-issued devices found that nearly 90 percent of companies allowing BYOD only require simple numeric PIN numbers with almost 80 percent of those only requiring four- or five-digit PINs. That could open those companies up to risk since, according to the iOS Hacker's Handbook, a short passcode can be compromised in less than 18 minutes.

David Reiff, co-founder and vice president of uBreakiFix told that the added complexity may serve other purposes as well. 

“Usability-wise it will be more of a pain to enter your passcode, I think it's going to push users to use Touch-ID rather than entering their PIN code to unlock their phone,” he said.

He added that the Touch-ID option is more secure and that Apple benefits from people using it because applications like Apple Pay and some third-party applications require users to enable the feature.

Apple also said that two-factor authentication will be built into OSX El Capitan and iOS 9. Once enrolled, users will be prompted for a verification code any time they sign into their Apple ID account from a new device or browser. The code will either be sent to a user's phone or will automatically display on another Apple device that is already registered. A user will be signed in after entering the code.

“I think their the goal is to get as many iCloud users using two-factor authentication,” Reiff said.

He explained that the feature also will help prevent unauthorized access to iCloud accounts, as happened in a celebrity photo hacking incident that occurred last year.

Reiff also noted the Apple placed a strong emphasis on the encryption of the data it collects on its users so that device use and behaviors aren't connected to a user's personal information.

prestitial ad