Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

IT will have a love-hate relationship with iOS 7, OS X Mavericks and iCloud

Ryan Faas | June 17, 2013
With updated OSes and iCloud, Apple will please some, annoy others

What IT will hate

The biggest concern from a security or IT management perspective isn't so much a single feature of either iOS 7 or Mavericks. It's iCloud and the deeper iCloud integration in both new OSes. On both its platforms, Apple is leveraging the power of its ecosystem more than ever. That has great potential for users and even for personal data security, but it also makes it even easier for corporate data to walk out the door with employees. While it isn't yet clear whether Apple will offer ways to effectively manage iCloud's risks on iOS devices and Macs, the limited and heavy-handed approach Apple has taken in the past doesn't inspire confidence.

iCloud Keychain — iCloud Keychain is a great feature (and one that existed in iCloud's predecessor, Mobile Me) for users. No matter what Apple device you're using, you have access to passwords for websites, cloud services, applications and Wi-Fi networks. If you dig into the Keychain Access utility, however, you'll notice that keychains can also store security certificates and can manage Kerberos ticket granting. That's a lot of information focused on secure access — information that could compromise enterprise security if it were ever stolen or an employee were to leave the company. If iCloud Keychain syncs corporate security items to iCloud and a user's home devices, that data leaves IT's control and becomes an ongoing security risk. Thankfully, that level of risk means that it's likely that Apple will offer the ability to disable or block iCloud Keychain sync.

iCloud integration with the Mavericks file system — This isn't really a new issue in OS X Mavericks. As Apple continues to encourage developers to build iCloud support into their apps and to offer iCloud as a default storage location, however, the potential for users to inadvertently place sensitive data in their iCloud data store will make it more difficult for IT to determine whether data has leaked out. Similar issues exist with apps that routinely sync data between iCloud and local storage on an Mac, iPad or iPhone. To date, Apple hasn't provided much specificity when it comes to blocking iCloud storage or sync. The choices are on and off globally on a device rather than on a per-app basis. Given that Apple is dipping its tow into app management, this may be about to change.

iOS Notifications in Mavericks — This is a great feature in a lot of respects and will likely prove particularly helpful for business users that prefer to respond to notifications on their Macs rather than pulling out their iPhones or iPads. The concern, however, is that notifications sent from work-related apps (both third-party and in-house) or by coworkers could contain sensitive information that isn't meant to be seen on anything other than a secure iOS device, such as clinical information about a patient sent to a doctor's iPhone. If that notification popped up on a device being used by another family member, it could constitute a breach of healthcare privacy regulations. The opposite is also true: Sensitive personal information could be displayed on a Mac in the workplace.

 

Previous Page  1  2  3  4  5  6  Next Page 

Sign up for CIO Asia eNewsletters.