Gartner Blog Network


Two Lessons for Information Security from the iPhone and iPad

by Neil MacDonald  |  May 2, 2011  |  3 Comments

Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives?

1) The power of whitelisting. Call it what you may, but having Apple act as the steward of all applications via its App Store is a form of whitelisting (where the list of approved applications [whitelist] is defined by those that Apple approves to be posted). Whitelisting is an extremely powerful security concept that hasn’t been widely used by enterprise IT – yet. Could Apple do more in terms of security testing? Absolutely, but there hasn’t been a major malware outbreak or market demand (yet) to change the current level of application certification.

2) The benefit of users running without administrative rights. You don’t have “root” rights on your iPhone/iPad unless you’ve jailbroken the device. The vast majority of users won’t be compelled to do this because they can do everything they need as a “standard user”. They extend the device, customize their environment, download and install applications, and so on without knowing that they don’t have “root” access.

Think about it. Even with the removal of administrative rights and with implicit whitelisting, the users don’t complain about being “locked down”.

Imagine what we could do for enterprise Windows users with a similar model…


Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…


Thoughts on Two Lessons for Information Security from the iPhone and iPad


  1. ed capaldi says:

    Hi

    I like your thoughts and we’ll try this out and get back to you on our progress. We’ve experimented successfully with BYOD and the users do what they want with it; we just support them from the Citrix session onwards. A NAC is fundamental in our setup.

    For the record I’m CIO at a large Media (newspapers, magazines, online) Company. We are now 100% Microsoft; after 10 years plus of having Macs and Windows we opted for a Citrix-enabled workplace. Having thrown out the Apples we now have a much improved workplace. We had to educate users and techies because of their Apple bias, but the fact is that with circa 1000 users we now have 300% improvement in performance and zero downtime on Windows. In fact we have only ever suffered 2 ‘attacks’ and both came from G5s… Either we are lucky or maybe the truth is Windows is more than adequate for corporate networks??? One thing is for sure: since we dumped Apple the business and IT no longer fight, we are considered as partners, and that can only be a good thing for both.

  2. Anoop says:

    Yes, true, the “Least Privilege policy” is applied across the resources, which helped secure our Microsoft environment, with fewer hassles and less complexity. We have applied it in the servers and Active Directory. It was too complex and cumbersome to maintain the Apple environment due to its security management limitations and of course the lack of centralized tool sets.

  3. Neil MacDonald says:

    @Ed and @Anoop

    Are you referring to limitations with the security management of enterprise Macs or of the iPad/iPhone devices?

    I ask because most of the endpoint security vendors have antimalware and firewall offerings for the Mac:
    http://blogs.gartner.com/neil_macdonald/2011/03/03/yes-macs-are-vulnerable/

    Also, third parties such as Centrify and Likewise have integrated Mac management policies including login credentials with Active Directory.

    On the iX devices – agree we are limited by what we can accomplish using ActiveSync and the APIs that Apple has opened up.

    Neil


