Welcome to our fully functional beta site. We welcome all comments
The Informatica blog - Authored by Claudiu Popa

Is the iPhone Secure Enough?

According to popular expert opinion, there are seven areas in today’s mobile devices where vulnerabilities can create security or privacy breaches. Nowhere is this more true than in the paragon of mobile digital success: the iPhone. Nothing short of a juggernaut, new versions of the quasi-ubiquitous device have all but evaded attempts at hacking it by consistently introducing innovative new features and by leveraging a strategy of built-in obsolescence.

It follows then that each of these areas corresponds to specific security controls, tactically building a ‘defense in depth’ approach to securing the iPhone for personal use. In practice, the original seven risk areas map to the following five safeguards:

1. The operating system
Avoid jailbreaking the phone. As Apple never tires of repeating, once jailbroken, it is exposed to a set of clear and present dangers that at least risk compromising the data stored inside.

2. Data encryption
While encryption for iPhone data is standard on the handsets, it has already been cracked and free software can now be used to compromise it. Use third-party tools such as SplashID, FolderLock, iDiscrete or eWallet to encrypt the data you depend on.

3. Authorization
Ensuring that the iPhone is used by its rightful owner is as simple as introducing anti-theft technology. From a physical security perspective, Apple’s MobileMe service attempts to correct the aftermath of theft situations. It includes Find My iPhone which includes real time tracking of the handset.

4. Multimedia
What about the camera and microphone? Ensure that no one is listening by installing anti-malware from Symantec, Cisco SIO To Go and threatPost.

5: Communications
Internet and Web access are pretty well taken care of using SSL and even email is protected between the handset and the server.

The iPhone’s locked nature is the biggest factor in preserving the device’s security. Between the new IOS and the old, tried and true interface, it offers an adequate baseline of security for personal use, but the aforementioned tools should be used to complement its security.

In a future post I will cover iPhone and iPad security for corporate environments, because while you can always see your family after work, it's clear that you can't part with these devices for an entire work day.
Sort Comments
Guest | 11/09/2011 08:45:48
So, does that mean that an out of the box IPhone with IOS 5 is quite safe as long as you have a password for it and it's not jail broken? Does one really need any of the anti-malware apps from Symantec, CISCO, or even other data encryption apps or are they just nice to have?

In the early 1920s, the Enigma machine was a portable encryption machine with rotor scramblers used for encoding and decoding confidential messages....
Bleeding hearts unite, the OpenSSL Heartbleed bug threatens to impact user privacy and business security online. There's a new security vulnerability in town. It's not even that new, we just didn't know about it until now. But it's a whopper and it threatens to i...
Independent risk assessments are the most basic best practice in business.Security is about risk. And risk is about numbers. Given the high probability of suffering data security and privacy breaches, is it any wonder compan...
Netflix just the latest brand used in wave of phone text support fraudEver wonder what the use of stealing millions of email addresses is? All those often downplayed, 'low sensitivity' data breaches have massive potent...
Layered SecurityI'm often surprised at the public's disappointment with the realization that security processes are not directly analogous to the medical notion of im...
Target breach will have serious consequencesThis past Christmas season hasn't been kind to the Target chain of retail stores nor to its brand. A brazen attack took place in December that affecte...

Welcome to Informatica

Be Secure.

Be Trusted.

Follow us on