Skip to main content

iOS 7: Is your organisation ready for Apple's new security features?

Apple is expected to release iOS 7 on 10 September, marking the greatest changes and improvements the operating system has seen since its inception. But are the enhancements to the operating system's security features good news for everyone?

The hotly-anticipated latest version of Apple's mobile operating system, which Apple calls "the most significant iOS update since the original iPhone," should become available this month, and rumours that its release is imminent are rife.

iOS 7 will be available as a free software update for the iPhone 4 and later, the iPad 2 and later, the iPad mini and the fifth generation iPod touch.

For the first time ever, Apple has made a change to its hardware copy protection. In previous iOS versions, each device had a single identifying code that would be used for every app downloaded. With iOS 7 on the other hand, devices will generate a unique code for each app, adding a layer of security for users.

For any app that could reasonably be expected to work on another device (games, for example), this is not a problem. However, apps that should never be replicated on another device will not work on iOS 7 if they have not been tested and reconfigured by the developer for automatic migration. Soft-token authentication apps that generate single-use codes fall into this category.

A beta version of iOS 7 has been available to iOS Developer Program members since June. App developers have had ample opportunity to ensure that their software will work seamlessly as soon as iPhone and iPad owners download the new operating system.

Unfortunately, in the past many developers have rested on their laurels until the new operating system's release and it is likely that some may assume they can get away with doing the same with iOS 7. For the first time, those who wait will be too late – their apps simply won't work on iOS 7.

Such a bold departure from the security settings of the previous iOS version therefore represents a quandary for technology users whose software suppliers have not tested their products before the big launch. This poses a serious risk for IT departments at companies with employees who use their Apple devices for work. Forrester says that more than half of European and North American companies are developing bring-your-own-device (BYOD) programmes, to prepare themselves for their employees' adoption of the new software.

Below is a checklist for IT departments and security specialists for iOS 7 preparation:

1. Prioritise the functions you need to work on the new operating system and the consequences if they don't. Security and identity and access management should be high on the list, especially if employees have to use a mobile device for authentication for your systems.

2. Place a support call to your app provider and ask what testing their software has had on iOS 7 beta. Alarm bells should ring if the answer is "none."

3. Ask users to update all apps before the migration to iOS 7. They can do this simply by going to the App Store and applying all known updates. Apps can still be updated after the migration, but some might not work properly.

4. If you aren't sure whether your department and its suppliers can support iOS 7 or not, contact employees and make sure they are aware.

Andy Kemshall is the technical director of SecurEnvoy.

Got your watch set to count down mode ahead of Apple's big 10 September unveiling? Follow our live updating coverage of the iPhone 5S and iPhone 5C launch for all the latest news and analysis and be sure to join us on the day!

Image credit (bottom): Flickr (GergoMike)