Apple iOS Security Guide
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Conclusion<br />
A commitment to security<br />
<strong>Apple</strong> is committed to helping protect customers with leading privacy and security<br />
technologies that are designed to safeguard personal information, as well as<br />
comprehensive methods to help protect corporate data in an enterprise environment.<br />
<strong>Security</strong> is built into <strong>iOS</strong>. From the platform to the network to the apps, everything a<br />
business needs is available in the <strong>iOS</strong> platform. Together, these components give <strong>iOS</strong> <br />
its industry-leading security without compromising the user experience.<br />
<strong>Apple</strong> uses a consistent, integrated security infrastructure throughout <strong>iOS</strong> and the <strong>iOS</strong><br />
apps ecosystem. Hardware-based storage encryption provides remote wipe capabilities<br />
when a device is lost, and enables users to completely remove all corporate and<br />
personal information when a device is sold or transferred to another owner. Diagnostic<br />
information is also collected anonymously.<br />
<strong>iOS</strong> apps designed by <strong>Apple</strong> are built with enhanced security in mind. Safari offers safe<br />
browsing with support for Online Certificate Status Protocol (OCSP), EV certificates, <br />
and certificate verification warnings. Mail leverages certificates for authenticated and<br />
encrypted Mail by supporting S/MIME, which, as of <strong>iOS</strong> 8, permits per-message S/MIME,<br />
so S/MIME users can choose to always sign and encrypt by default, or selectively control<br />
how individual messages are protected. iMessage and FaceTime also provide client-toclient<br />
encryption.<br />
For third-party apps, the combination of required code signing, sandboxing, and<br />
entitlements gives users solid protection against viruses, malware, and other exploits<br />
that compromise the security of other platforms. The App Store submission process<br />
works to further shield users from these risks by reviewing every <strong>iOS</strong> app before it’s<br />
made available for sale.<br />
To make the most of the extensive security features built into <strong>iOS</strong>, businesses are<br />
encouraged to review their IT and security policies to ensure that they are taking full<br />
advantage of the layers of security technology offered by this platform.<br />
<strong>Apple</strong> maintains a dedicated security team to support all <strong>Apple</strong> products. The team<br />
provides security auditing and testing for products under development, as well as for<br />
released products. The <strong>Apple</strong> team also provides security tools and training, and actively<br />
monitors for reports of new security issues and threats. <strong>Apple</strong> is a member of the Forum<br />
of Incident Response and <strong>Security</strong> Teams (FIRST). To learn more about reporting issues<br />
to <strong>Apple</strong> and subscribing to security notifications, go to apple.com/support/security. <br />
<strong>iOS</strong> <strong>Security</strong>—White Paper | October 2014 48