Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives?
1) The power of whitelisting. Call it what you may, but having Apple act as the steward of all applications via its App Store is a form of whitelisting (where the list of approved applications [whitelist] is defined by those that Apple approves to be posted). Whitelisting is an extremely powerful security concept that hasn’t been widely used by enterprise IT – yet. Could Apple do more in terms of security testing? Absolutely, but there hasn’t been a major malware outbreak or market demand (yet) to change the current level of application certification.
2) The benefit of users running without administrative rights. You don’t have “root” rights on your iPhone/iPad unless you’ve jailbroken the device. The vast majority of users won’t be compelled to do this because they can do everything they need as a “standard user”. They extend the device, customize their environment, download and install applications, and so on without knowing that they don’t have “root” access.
Think about it. Even with the removal of administrative rights and with implicit whitelisting, the users don’t complain about being “locked down”.
Imagine what we could do for enterprise Windows users with a similar model…
Category: beyond-anti-virus endpoint-protection-platform information-security microsoft-security windows-7
Tags: apple beyond-anti-virus defense-in-depth endpoint-protection-platform lockdown security-summit-na windows
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.