Managing iPhone Security in Your BYOD Policy

by | Sep 26, 2019 | Managed Services | 0 comments

Bring your own device (BYOD) policies are appealing for employees and businesses alike. Businesses don’t have to invest in phones and tablets for their employees that will become obsolete in a few years. Employees don’t have to juggle multiple devices to get through their workday and can choose the devices that they prefer to be optimally productive.

Devoted iPhone users may be excited to get their hands on the new iPhone 11 or iPhone 11 Pro, but what does the new iPhone have in store for BYOD security? Let’s look at iPhone security and where it fits into the BYOD security landscape.

iPhone security BYOD policy

The Challenges of BYOD

BYOD policies offer unique challenges to IT administrators. While the flexibility and cost savings are appealing, managing devices that don’t belong to the business means walking a fine line. You want to ensure that sensitive business information isn’t compromised in the event a device is lost or stolen.

For example, iOS 13, which is being shipped out with the new iPhone 11, has a security vulnerability that allows access to contacts in a locked iPhone. Getting to the contacts is time-consuming and requires several actions. The issue has been reported to Apple and should be resolved by the time iPhone users upgrade to iOS 13.1. In the meantime, users of iOS 13 can prevent access by disabling “reply with message” in their iPhone’s Face ID and Passcode settings.

Security vulnerabilities similar to this are the reason IT administrators need to secure employee devices. This has often meant taking extreme measures, such as erasing the phone or requiring a lengthy passcode. In fact, BYOD policy creation and enforcement is such a prevalent issue that Apple built mobile device management (MDM) into its new operating system, iOS13.

iPhone security BYOD policy

How iOS 13 Addresses BYOD  with iPhone Security

Apple’s new MDM offerings involve device-wide management, which might feel a bit invasive for users. To remedy this, Apple’s MDM enables user enrollment, which includes:

  • A managed Apple ID. The managed Apple ID serves as a work ID and is separate from your personal Apple ID. The managed ID is set up by IT admins, and managed apps and accounts are tied into the managed ID.
  • Separation of work and personal data. At enrollment, iOS creates a managed, encrypted file volume that’s deleted when enrollment ends.
  • Limited device-wide management capabilities for IT. IT only works with the managed apps on the phone. Administrators can’t access personal apps and data.

Phones don’t need to be wiped, and users won’t feel like their IT department is snooping on them, making them more likely to comply with BYOD policies.

iPhone security BYOD policy

Managed Security for BYOD Environments

Managing iPhone security is just one aspect of securing a BYOD environment. Personal Android phones, tablets, notebooks, and other endpoints need to be protected as part of a comprehensive security strategy.

Managing a complex BYOD environment can be a significant burden to your IT staff. One option to ease the burden is to work with a managed security provider like Peters & Associates. We offer a range of managed security services, including security assessments, endpoint protection and employee training, which is essential for successfully implementing BYOD policies. Contact us to learn more about securing your BYOD environment.