iOS 8 was released on September 17 of this year for the iPad 2, iPhone 4S, and newer devices, and is pre-installed on the new iPhone 6 and 6+, which was released on September 19, 2014. Since blogs and articles detailing the new features and changes in iOS 8 abound, we won’t share those details here. Instead, we will cover only the security and privacy improvements. If you’re interested in all the juicy details surrounding iOS 8, have a look at the iPhone or iPad user guides published by Apple, which are available for free in the iBook store.

Now, on the topic of mobile security, according to 451 Research, mobile device security is the top source of pain for the enterprise security managers who were interviewed for their latest study. The pain points cover several general areas including consumerization, employee expectations, and device management. Mobile device security was a top concern of 16% of respondents, up 13% from last year.

Screen Shot 2014-09-25 at 3.19.24 PM

So, will the security changes in iOS 8 help enterprise security managers sleep at night? Time will tell, but let’s have a look at the goods.

For starters, Apple can no longer unlock a user’s device even if requested by government or law enforcement order – that ability was removed in iOS 8. This is very important for privacy and security, especially with the rollout of the Apple Pay feature available with iPhone 6/6+. Apple also patched the so-called “diagnostic backdoors” that were supposedly used by the NSA to steal users’ data. If that isn’t enough, several other features have been created or modified to quickly enable “un-trusting” of all computers that a device has been connected to and the ability to limit the amount of data that applications collect and share about you. You can even change Safari’s default search from Google to the privacy-conscious DuckDuckGo.

Furthermore, Apple’s updated privacy policy assures users that they don’t use email and Web browsing habits to build a user profile for monetization. As if this isn’t enough to prove Apple is serious about security and privacy, most of the security measures are implemented by default. One exception is the necessity of users to manually implement two-step verification for their iCloud accounts, which will help prevent potentially sensitive data, such as selfies, from getting stolen.

Well, what do you think? Will these changes make a difference for the troubled security managers around the country? They certainly won’t hurt, but anyone involved in enterprise mobility management or mobile security research knows there’s still much to be done to reduce the risk of mobility and BYOD in the enterprise. Reach out to your GuidePoint Security account executive to learn more about what you can do to reduce the risk of adopting BYOD in your organization.

Finally, I’d be remiss if I didn’t mention the partnership that Apple & IBM announced over the summer. In my opinion, this is going to be a good thing for users and enterprises, but not so much for device and application management vendors, who may find stiff competition from companies with much deeper pockets. Will 2014 be the year that Apple and Google finally decide to take enterprise mobility seriously? We’ll all have to stay tuned as this evolves.

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Reston, Virginia, and with offices in Michigan, New Hampshire, Florida and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.