Kenneth van Wyk: The iPhone at 5: Keeping it secure

Some tips for good iOS hygiene

June marked the five-year anniversary of the iPhone. Without a doubt, the world has changed substantially since the iPhone was first introduced. But how secure are consumers as they trust more and more of their sensitive data to modern smartphones?

Last month, I described a few things that an IT security manager who is responsible for a fleet of iOS devices can do. After that column, though, several people asked me if there are things that security-minded consumers can do to secure their iPhones and iPads. There are several. Let's take a look.

Good iOS hygiene includes:

Don't jailbreak. From the standpoint of device security, jailbreaking is the single worst thing you can do on your iOS device. The entire iOS system, from its boot code through all of its application software, is essentially one big hierarchical chain of digital signatures on every entity. Software introduced to the system is required to be signed before it is allowed to run. When you jailbreak your iOS device, you turn all of that off. Of course, I have no doubt that many of you reading this are saying that there's a whole world of useful software available only in the jailbroken world -- and you'd be correct. Unequivocally, there is. But you're giving up security safeguards when you go that root route.

Use long passwords. All iOS devices encrypt much of your sensitive files on their file systems. Your email, photos, etc., are kept encrypted using a hardware AES-256 module, keyed with two things: a unique, per-device, random 256-bit key, and your device's passcode. The device key and encryption hardware can be used by an attacker with physical access to the device, so it essentially comes down to your passcode. And most consumers stick with the default four-digit PIN. That list of ingredients spells disaster for your personal data on your device, should the device be lost or stolen. You simply cannot count on a four-digit PIN to protect your sensitive data. The good news, though, is that iOS gives you the ability to disable "Simple Passcodes" in the built-in Settings app (Settings --> General --> Passcode Lock). Yeah, I know it's a hassle to type in a password every time you unlock your device, but if the information on your device is of any real value to you or your employer, this is one of the few direct actions you can take to protect that data. Do it right now.

Use the security features. Speaking of passcodes and such, there are several other security settings that you can control from the Settings app. Take a few minutes to explore them, and enable the ones that make sense for you. Even some basic things like tweaking each app's notification settings can make a difference (e.g., enabling an app's notifications to be viewed even if the device is locked may well expose some sensitive data to someone who has access to your locked device).

To continue reading this article register now

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon