{"id":10528,"date":"2017-11-17T10:30:06","date_gmt":"2017-11-17T18:30:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/11\/17\/news-4300\/"},"modified":"2017-11-17T10:30:06","modified_gmt":"2017-11-17T18:30:06","slug":"news-4300","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/11\/17\/news-4300\/","title":{"rendered":"Strong and stable: The iOS security guide"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/11\/facial_recognition_digital_identity_identification_id_binary_face_thinkstock_aa024318_3x2-100740896-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Fri, 17 Nov 2017 08:36:00 -0800<\/strong><\/p>\n<p>Apple\u2019s smartphones are <a href=\"http:\/\/www.applemust.com\/the-military-say-iphone-is-safer-than-samsung\/\" rel=\"nofollow\">highly secure<\/a>, but if your private or enterprise data matters to you, it\u2019s essential to ensure your iPhone (or iPad) is as secure as possible.<\/p>\n<p>Just because almost all mobile malware targets Android doesn\u2019t mean iPhone users can be complacent.<\/p>\n<p>Quite the reverse:<\/p>\n<p>We need to be even more alert in case attackers use complacency against us. What follows are a few simple tips to help you secure your iPhone (and iPad).<\/p>\n<p>There\u2019s no way to deny that iPhones are in the ascendant, particularly in enterprise IT. Beyond business, you\u2019ll see them used by educators, doctors, police and politicians and in each one of those cases the information on those smartphones is confidential and must not be abused.<\/p>\n<p>Security is mandatory. Fortunately, Apple works really hard to balance security with usability<\/p>\n<p>So, what\u2019s the weakest point in mobile device security? Sadly, it\u2019s you. From tapping links in phony emails to accessing confidential password-protected information using open public Wi-Fi hotspots to simply using the same password everywhere: All these common flaws contribute to your security weakness. If you want to secure your mobile devices, then you should start with good security habits:<\/p>\n<p>Now let\u2019s take a closer look at some of the many other ways you can secure your iPhone\/iPad life.<\/p>\n<p><strong>[Also read: <a href=\"https:\/\/www.computerworld.com\/article\/3237187\/apple-mac\/lock-it-down-the-macos-security-guide.html?nsdr=true\">Lock it down: The macOS security guide<\/a>]<\/strong><\/p>\n<p>Apple watches security on its devices closely. For example, when the first zero-day exploit aimed at iOS was identified in 2016, Apple issued a security update to patch the problem within a few days. If you care about your device security you must absolutely ensure you install all the latest iOS upgrades. (Android users may want to look away at this point, as they have <a href=\"https:\/\/www.ft.com\/content\/6f956fb6-98ad-11e7-8c5c-c8d8fa6961bb\" rel=\"nofollow\">nothing like as much protection<\/a>).<\/p>\n<p width=\"100%\" height=\"420\"><iframe loading=\"lazy\"  src=\"https:\/\/www.youtube.com\/embed\/vfn8Q28MGPw\" width=\"100%\" height=\"420\" frameborder=\"0\" ><\/iframe> <\/p>\n<p><iframe loading=\"lazy\"  src=\"https:\/\/www.youtube.com\/embed\/vfn8Q28MGPw\" width=\"100%\" height=\"420\" frameborder=\"0\" ><\/iframe> <\/p>\n<p>The passcode is the <a href=\"https:\/\/www.computerworld.com\/article\/3203244\/apple-ios\/8-reasons-why-you-should-strengthen-your-ios-passcode-today.html\">single most important security protection you have on your device<\/a>. If you want to be secure you absolutely must use a passcode.<\/p>\n<p>Do you use any of these as your passcode?<\/p>\n<p>These were the three most commonly used passwords <a href=\"http:\/\/www.telegraph.co.uk\/technology\/2016\/01\/26\/most-common-passwords-revealed---and-theyre-ridiculously-easy-to\/\" rel=\"nofollow\">in 2015<\/a>. That\u2019s why they are among the first passcodes people use if they want to unlock your device without your permission.<\/p>\n<p>A report claims it would take a computer an estimated 72-years to hack into a 6-digit alphanumeric passcode, or an estimated 7-minutes to get through a 4-digit numeric code. It would take a human 2,700 years to get through a <a href=\"https:\/\/www.computerworld.com\/article\/3203244\/apple-ios\/8-reasons-why-you-should-strengthen-your-ios-passcode-today.html\">6-digit alphanumeric passcode<\/a>.<\/p>\n<p>You must use a stronger passcode.<\/p>\n<p>What you have to understand is that at Apple, the passcode is still the most important part of your iOS security set-up.<\/p>\n<p>Face ID and Touch ID are good, but they exist for your convenience more than anything else. Both biometric authorization methods depend on you using a unique and hard to break passcode. That\u2019s why you are asked for your passcode when you restart your device, or an Apple Pay transaction fails to recognize your fingerprint, or when the device is left unused for a day or two.<\/p>\n<p>One good way to create a tough password is to make a memorable sentence, such as \u201c<em>Give That Talented Jonny Evans All My 42 Bitcoins, Immediately<\/em>\u201d and then use the second letter from each word (with punctuation) as you code: ihaovly2i,m.<\/p>\n<p>The best way to protect your device is to use an alphanumeric code. To create one you must open <em>Settings&gt;Touch ID &amp; Passcode<\/em>, and select <em>Change Passcode<\/em>.<\/p>\n<p>You\u2019ll be asked to enter your existing passcode and then asked to enter a new one. Don\u2019t enter a new one. Instead, tap the words <em>Passcode Options<\/em> at the bottom of the screen, Now you can create a rock solid alphanumeric code.<\/p>\n<p>Apple claims that Face ID is more secure than the fingerprint-based Touch ID. It says there is only a one in a million chance a random person could unlock your iPhone by looking at it using Face ID, compared with a one in 50,000 probability when using Touch ID.<\/p>\n<p>\u201cFaceID makes using a longer, more complex passcode far more practical because you don\u2019t need to enter it as frequently,\u201d <a href=\"https:\/\/images.apple.com\/business\/docs\/FaceID_Security_Guide.pdf\" rel=\"nofollow\">Apple said in a security white paper<\/a>.<\/p>\n<p>What we\u2019re saying is that while you can use these as a convenience, you should always ensure your passcode remains your primary security protection.<\/p>\n<p>Open <em>Password &amp; Security<\/em> in <em>Settings<\/em> and turn on 2-factor authentication. Once it is enabled you&#8217;ll need to provide two pieces of information (your password and the six-digit verification code) when attempting to sign in to your Apple ID on a new device.<\/p>\n<p>You must also set a Trusted Phone Number here. This is a number that can be used to receive verification codes by text message or automated phone call.<\/p>\n<p>It\u2019s good practice to verify a few numbers here, your home number and that of a trusted third party, for example. You can then use those numbers to get the code to enter your own device if you need to do so.<\/p>\n<p>You can disable Face ID and\/or Touch ID very quickly on iOS 11. This is something you might want to do if you think you\u2019re about to be robbed, or about to have a \u2018memorable\u2019 experience with some nosey border guard, who wants to look at all you secrets and may force you to unlock your device \u2013 they can make you unlick biometrically, but not usually demand the code.<\/p>\n<p>Lower the auto-lock time to 30-seconds <em>in Settings&gt;General&gt;Auto-Lock<\/em>. It\u2019s a little annoying, but it\u2019s the best approach.<\/p>\n<p>You should also limit the functions you can see on screen when it is locked in <em>Settings&gt;Touch ID &amp; Passcode&gt;Allow Access When Locked.<\/em> Just switch off the ones you don\u2019t want other people to see, access or use.<\/p>\n<p>One thing you should disable is access to Siri on the lock screen. This prevents people getting details about you by saying \u201cHey Siri,\u201d and asking \u201cWho does this iPhone belong to?\u201d.<\/p>\n<p>What happens if someone tries to open your iPhone? Unless you set this protection up they will be able to try and keep trying until they break in.\u00a0 The Erase data feature is available in <em>Settings&gt;Touch ID &amp; Passcode<\/em> screen.<\/p>\n<p>Set the Erase Data toggle to green and all the data on your iPhone will be erased after 10 failed passcode attempts. That\u2019s not such great news if you forget your passcode, (though you do backup, right?) but fantastic if someone\u2019s trying to break into your phone to pillage the device for everything it can find out.<\/p>\n<p>More after the break&#8211;&gt;\u00a0<\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3237768\/apple-ios\/strong-and-stable-the-ios-security-guide.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/11\/facial_recognition_digital_identity_identification_id_binary_face_thinkstock_aa024318_3x2-100740896-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jonny Evans| Date: Fri, 17 Nov 2017 08:36:00 -0800<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>Apple\u2019s smartphones are <a href=\"http:\/\/www.applemust.com\/the-military-say-iphone-is-safer-than-samsung\/\" rel=\"nofollow\">highly secure<\/a>, but if your private or enterprise data matters to you, it\u2019s essential to ensure your iPhone (or iPad) is as secure as possible.<\/p>\n<h2><strong>Why security matters<\/strong><\/h2>\n<p>Just because almost all mobile malware targets Android doesn\u2019t mean iPhone users can be complacent.<\/p>\n<p>Quite the reverse:<\/p>\n<p>We need to be even more alert in case attackers use complacency against us. What follows are a few simple tips to help you secure your iPhone (and iPad).<\/p>\n<p>There\u2019s no way to deny that iPhones are in the ascendant, particularly in enterprise IT. Beyond business, you\u2019ll see them used by educators, doctors, police and politicians and in each one of those cases the information on those smartphones is confidential and must not be abused.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3237768\/apple-ios\/strong-and-stable-the-ios-security-guide.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10480,10554,714],"class_list":["post-10528","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-ios","tag-mobile","tag-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10528","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10528"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10528\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10528"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10528"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10528"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}