Quantcast Apple, iPad Encryption and Security « iPad in Canada Blog - Canada's #1 iPad Resource iPad in Canada Blog – Canada's #1 iPad Resource

Apple, iPad Encryption and Security

by on December 15th, 2010

Over the past couple of weeks I’ve had the opportunity to meet with business, technical and engineer personnel from Apple. Everyone from Apple that I conversed with were very knowledgeable and helpful when answering my numerous questions regarding the iPad’s security capabilities and functionality. Since meeting with Apple, I have much more respect for the company as a whole and for iPad security.

I wanted to share with you some of the security tidbits that I have learned.  If you are curious about the iPad’s security or if you’re one of the lucky ones who gets to implement the iPad in an enterprise environment, you may already know some of this but hopefully you will learn something new. Please note that this article applies only to the iOS 4.2 operating system (latest software version on the iPad).

The iPad has the following security features (and more):

  • uses 256 bit hardware encryption which is always on
  • every file is encrypted at the file level and is also encrypted with its own unique file key
  • applications run in a sandbox environment; thus denying direct access from one app to another app and preventing malware
  • each application is validated by Apple before being permitted to run on your device
  • remote wipe capability
  • enhanced data protection; uses different certificates to ensure data integrity and confidentiality
  • strong password capability
  • after 6 failed attempts at entering your password, the system enforces a back off between failed attempts; this means that you have to wait a predetermined amount of time before entering the password again, i.e. 10 minutes, 2 hours, etc.
  • the Defense Information Systems Agency (DISA) documented in their latest iPhone and iPad Security Technical Implementation Guide (STIG) (link to the guide can be found here  http://iase.disa.mil/stigs/checklist/index.html) that the iPad does not require antivirus software
  • is in the process of going through FIPS 140-2 certification; FIPS (Federal Information Processing Standard) is a U.S. government computer security standard used to accredit cryptographic modules and will certify that the encryption is performing on the iPad as per Apple’s claims
  • you should encrypt your backups in iTunes because not only do you protect your data but you actually back up more data when you encrypt; this will help if you have to do a restore as more app and user data will be restored

Apple is going down the right path by increasing the security posture for the iOS 4.2 devices and there are more enhancements yet to come.

**Want the BEST new iPad protection? Order your invisibleSHIELD by ZAGG, the strongest protection for your new iPad backed by a 30 day money back guarantee, lifetime replacement warranty, and FREE shipping! Use coupon code 'iphoneinca' for 20% off your purchase! Order today!**

Posted under: Uncategorized

  • http://www.iphoneincanada.ca Gary

    Amazing. I did not know some of this stuff. Nice article Darlene! :)

  • R.

    Hi,
    As most of this controversy over the iPad’s security stemmed from a poorly thought out CSEC publicationn, I seem to recall Apple and CSEC getting together to smooth things over… Can anyone point me in the right direction to find an article on that meeting???

    Thanks

    R.