Endpoint Security Enterprise

How to Secure Corporate Data on iOS7

September 12, 2013

Following the announcement of the new iPhone 5S and iPhone 5C, available on September 20, Apple has announced that iOS7 will roll out on September 18, 2013. The new features of both the iPhone 5S and iOS7 make the iPhone more business-ready than ever before.

As I discussed on Management Today, iOS 7 promises not only a new design, but also a number of features that make the iPhone more manageable in the enterprise.

Keeping business and personal data and apps separate has always been difficult for IT managers, whether those devices are employee-owned device (Bring Your Own Device, 'BYOD') or Corporately Owned Personally Enabled (COPE). Apple has addressed this issue in iOS7 with the ability to set up virtual private networks (VPN) for individual applications.

For example, a Customer Relationship Management (CRM) app might be required to connect to the company via VPN in order to protect that data, while personal email, or streaming music would not go through the VPN, saving the network from the burden (and potential liability) of transporting personal data. Data segregation also supported by the ability to manage which apps can open which files, so that unauthorised apps can’t gain access to sensitive corporate documents.

Apple isn’t the only firm extending management capabilities; Samsung’s SAFE technology is designed to support its newest devices in a corporate environment as well.

These manufacturers have developed features to make enterprise use of these devices more attractive, though the management and security of data still needs consideration. No matter what steps Apple, or any other manufacturer takes to secure their devices for the workplace, these tools are useless without the right management tools and company policies in place to make use of them.

Securing Corporate Data on Consumer Devices

Apple and Samsung have created environments in iOS7 and SAFE that support enterprise use, but those features don't actually do anthing straight out of the box. Apple, Samsung and other manufacturers have made an application programming interface (API) available to allow third party mobile device management suites to control these features.

Enterprise control of these features via MDM suites is one part of the solution to controlling enterprise data, the other part is coming up with policies to determine how employees should be using their phones and tablets in the business. With BYOD, corporate data is often put at risk when employees use unsecured personal applications with corporate data.

In order to support BYOD, and what will likely be a big surge in demand for the new iPhone, companies need to establish usage policies that balance user needs with corporate security. The key to this is working with all stakeholders, including employees, the IT department, HR and legal, to ensure compliance with all legal, regulatory and business requirements. This means talking with your users to establish the data and applications they use, how they are using them, and looking at the way this fits in with the wider regulatory framework your business is operating in.

To effectively support the use of iPhones in the workplace, the business needs to implement a secure managed framework for managing devices. From this, applications can be delivered that meet the need of the employees, but without compromising compliance and security. If needs are met, employees are less likely to seek unapproved apps to get their jobs done.

Endpoint Security Enterprise

Share this article

Financial Services