fbpx
Mytek Logo
MyTek Logo

Study Finds Apple IOS has a Significant Security Issue.

by | Feb 8, 2021 | MyTek Blog, Technology

Q

Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

Are Apple Devices Immune to Threats? Don’t Bet On It

Apple IOS has security issues? Surely not! But for quite awhile now, security and law enforcement representatives have requested Apple to share a workaround, or backdoor access, for their operating system, which they have outright refused. Stating that doing so would undermine their world class security. Tired of waiting, the feds went ahead and built a workaround themselves. In doing so, they have revealed that their operating system, Apple IOS, isn’t as secure as it was purported to be. 

What was Found 

In January 2021, a team of cryptography researchers published a report, detailing their findings after examining the security measures that were implemented in modern mobile devices. The report Data Security on Mobile Devices: Current State of the Art, Open Problems, and Proposed Solutions seeks to determine three main things:

  1. What security measures are being used to discourage unauthorized access to a user’s data.
  2. How unauthorized users access modern devices.
  3. How security can be improved in mobile devices to stop unauthorized access.

After an in-depth analysis of both platforms, IOS and Android, the results were clear but surprising. While both operating systems did well, one thing was determined; neither platform had enough security measures. Giving an individual with the right equipment and knowledge the ability to access the operating systems.

Android’s security issues due more to the diversity of phones and manufacturers that use Google’s mobile operating system. Citing a lack in communication between Google and smartphone developers, slow updates, and differences in software architecture. Which has led to non-uniformity in the platform’s security and privacy controls. However, both platforms share a weakness, and it has to do with data synchronization with cloud services.

These vulnerabilities were found in the device itself and the software infrastructure it uses. The rest of the report details the specific vulnerabilities that each platform has.

Apple’s Weaknesses

Apple gives users the ability to securely store their data in the iCloud cloud solution. According to the report that isn’t all the data that Apple acquires. When the service is first activated, a large amount of other user data is sent to Apple where it’s remotely stored. Making the data accessible by both nefarious actors and legitimate entities alike.

In addition to the existing security concerns, Apple IOS defenses included in their devices seem to not be as effective as originally thought. Based on the research team’s analysis, they hypothesize that since 2018 a tool has existed that allows an attacker to bypass security measures and can effectively guess a user’s passcode.

Android’s Weaknesses

It was shown that Android had some serious issues with its local data protection. A major red flag is in Android’s equivalent of Apple’s Complete Protection encryption, IOS removes the decryption key when the phone is locked and Android it noticeably devoid of this mobile security measure. Making access easily obtainable whether the phone is locked or not.

Now you know why the FBI doesn’t need help from Google or Apple to either platform without assistance, just a warrant.

What Does this Mean to You?

Don’t assume that your data is safe just because it is stored on a particular brand of device. impenetrable security is not a thing, so you will need to make sure the data that your business possesses remains protected.

This means that you should use every tool and solution available to reinforce security around the devices your employees use. This should involve all devices owned by the company and ones belonging to your employees into building a Bring Your Own Device strategy. The capability to remotely wipe a device and remove sensitive data is should be considered, but it is not an option to be taken lightly. While losing a device is a terrible thing unto itself, losing a device that can access sensitive data is far worse.

MyTek is here to help you see to your devices and the proper management of such. To find out more about what we can do, reach out to our team at 623-312-2440.

 

ABOUT THE AUTHOR

Tim - Team

Tim Tiller, LMSW

 
Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.

Q

Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.

AUTHOR’S RECENT POSTS

Top 5 Hardware Monitoring Software 

Did you know that almost 40% of servers had at least one outage in the last twelve months? Veeam reports that the most common reason for outrages is infrastructure failure which puts the current hardware monitoring practices under the scanner. Hardware failures are...

Types of Mobile Malware & How to Defend Against Them

Malware has a long history of undermining computer security and stealing critical data. With the rapid growth of mobile usage, we're now seeing a new breed of mobile malware infecting smartphones and tablets. The new-age mobile malware are more advanced, seamless, and...

How to Protect Your Data Privacy & Enhance IT Security

Every time you use a device, you enter, modify or access data. Some of your usages are routine and public but sometimes you perform tasks that are confidential in your personal life or business. Naturally, this type of data is private and it should be kept that way....

Mobile? Grab this Article!

QR Code

Blog Archive

Share This