Apple released iOS 7 on Sept. 18 this year and it offers several new features tailored for enterprise needs, thus giving iOS 7 better acceptance chances in an enterprise environment. In addition to a variety of visual changes and features for private users, the latest update of Apple’s mobile operating system to version iOS7 has also brought important innovations for the business sector.
Apple has recognized business requirements and met challenges resulting from BYOX (Bring your own X). BYOX involves the integration of different private end devices, operating systems, or apps into a corporate environment. By contrast, Google’s mobile operating system Android still has no uniform solution to offer. However, Android is partially expanded by device manufacturers to include corresponding business functions. The market leader Samsung, which has already incorporated some business solutions into its operating system, deserves particular mention.
The following business functions have found their way into Apple’s iOS7:
- Per app virtual private network (VPN) provides more security for corporate data and privacy for personal use with personal and corporate apps using different VPNs for transmitting data.
- iOS 7 has a built-in support for third-party mobile device management (MDM). It gives the possibility to IT administrators to remotely manage corporate apps, accounts to corporate services, settings configuration, execute security commands and device queries.
- With new open in management it is easy to set list of apps that can be used to open corporate data thus limiting the information leakage through unauthorized apps.
- Enterprise single sign on (SSO) facilitates work with multiple corporate apps. Employees can enter their credentials once and they can be reused for other apps using SSO.
- In iOS 7 corporate data is also secured in third-party apps with data protection enabled automatically.
- Touch ID is a new way to unlock devices with the user’s fingerprint. That is not only an additional feature that helps increase security but is also a time saver. Apple states that it uses state-of-the-art technology for its fingerprint recognition; nevertheless it is believed that fingerprint censor was hacked recently. Users are only left to hope that Apple fixes this security breach soon.
- With a new feature activation lock the owner of an iOS 7 device which was stolen or lost can lock the device and a person who found it will not be able to access it or erase its data without knowing the owner’s Apple ID credentials.
- iBeacon is one of the least known features of iOS 7. Beacons are wireless sensors that are installed in some locations that transmit data to iOS devices using Bluetooth Low Energy. The iBeacon feature can be used for a variety of apps, such as location based alerts, location based settings and targeted marketing purposes.
That’s all great, but how do companies benefit from these new features in particular? Foremost, companies can decrease operational costs by implementing a “Bring Your Own Device” program (BYOD). But in order to profit from this program it should be implemented with strict rules and policies that can be set via a mobile device management (MDM). Some problems may arise from implementing BYOD, i.e.
- an employee taking sensitive data with him/her after leaving the company,
- an employee having full control on applications and data on his/her device,
- an employee breaching governmental mandates can be solved in case workers use devices with iOS 7.
Using MDM IT administrators can decrease the probability of information leakage by removing enterprise data from a device of an employee who leaves. MDM in iOS 7 gives the possibility to configure settings so that employees will not be able to breach certain laws (IT department has to work closely with the legal department in order to achieve this goal). MDM combined with proper use of VPN and open in management provides full control over corporate applications and its data thus limiting the possibility of data theft by sending confidential business information in text messages because the user will not be able to copy data and paste it to a text messenger or data will not be channeled through an unauthorized network.
One of the companies that can truly benefit from open in management and per app VPN is the Burr & Forman law firm (as mentioned in the Altimeter Group case example [page 8]) that uses third-party extranet hosting service for easy doc/file sharing for workers relying on iPads as their sole computing devices.
It is believed that people tend not to inform IT departments of missing phones for weeks (so that the IT department can wipe it remotely) because they have a hope to find it again, thus increasing probability that confidential corporate data that is stored on the device can be accessed and used by unauthorized users. With the iOS 7 release this hazard can be diminished with the employee locking its device via the activation lock feature and unlocking it in case it is found. Although activation lock is robust, the problem with human factor still exists – meaning this feature is not activated automatically and users may just find out about its value when their device is already lost.
The Altimeter Group study further stated a law company which equipped their employees with iPhones making the iPhone to cover 95% of all devices used in the company [page 3]. This uniformity in device selection gives enterprises a chance to use all the advantages of iOS 7 for protecting its corporate data (in case that the last version of iOS is installed on devices).
Although iOS 7 is one of the best tries in Apple’s history to target enterprise needs, iOS 7 with all its new feature is not a silver bullet and corporate data can still be compromised even if all precautions are taken. More information about mobile device management can be found in our latest blog post “Next generation mobile device management: a rule based concept“.