Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Incident Response, TDR, Governance, Risk and Compliance, Compliance Management, Privacy, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Nonprofit releases security configuration standards for iPhone

For the first time, enterprises can apply security configuration best practices to Apple iPhones being used by their employees.

The nonprofit Center for Internet Security (CIS) this week released free guidelines that can help organizations develop custom policies related to use of the increasingly popular mobile device, said Blake Frantz, CTO of the CIS. The benchmarks inform users about the security configuration settings available to them on the iPhone. For example, the standards explain how to make adjustments to protect data and deter potential attacks, such as disabling Bluetooth or JavaScript, or creating a strong password policy.

Frantz told SCMagazineUS.com on Friday that feedback from the CIS' 150 members showed that there was a need for iPhone security standards.

"It's going to have your organization's confidential information on it," he said. "We want to equip organizations with some best practices that that information remains confidential."

The guidance arrive at a time when businesses are facing increased pressure to manage their employees' smartphones. A recent Osterman Research study, sponsored by Zenprise, provider of mobile management solutions, reported that the percentage of North American workers issued mobile devices by their employers will double from 23 percent last year to 46 percent in 2011. Other studies have said the number of iPhones in use in the enterprise will triple between now and 2011.

CIS this week also released "agnostic" configuration standards around securing multifunction devices, such as printers, fax machines, scanners and copiers. Frantz said these devices, which contain operating systems and often connect to the company's network, are becoming more frequently targeted.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.