As someone who’s been around the block a few times with mobile technology, I get a kick out of lengthy treatises on the practices one should follow to keep the information on your iPhone secure. They follow a commonsense pattern: Use a PIN, set the device to auto-lock after a minimal delay, set it to blank itself after a limited number of invalid unlock attempts, block access to the App Store, use Safari’s security defaults, and use WPA2 security for Wi-Fi. This is helpful, but it isn’t enough. Users of the iPhone, and mobile devices in general, deserve the big picture regarding the balance of security and convenience.
When you leave the store with your shiny new phone, you accept sole responsibility to protect your investment. It’s not the manufacturer’s or seller’s job to keep your property safe. They’ve built in mechanisms that, if used as documented, will reasonably protect your phone and the information it contains. If the phone gets swiped, pillaged, or vandalized, it is either your fault or bad luck, and when bad luck plays a hand, it’s likely that you contributed to the circumstances. Here are eight uncommon things you can do to steer the odds in your favor.
1. First and foremost, never, ever leave your iPhone unlocked. You’ve heard that, but you haven’t heard how to make it painless: Practice. Whenever you’d ordinarily be bending paper clips or generally goofing off at work, sit in your chair and lock and unlock your phone over and over again until it’s as natural as twiddling your thumbs. Practice with your nondominant hand. Practice with one hand concealing the other. Practice with your eyes closed. Practice with the display facing the floor. When entering your PIN becomes ingrained into muscle memory, you’ll never be tempted to disable the lock to save time, and even sharp-eyed shoulder surfers can’t watch you enter your PIN. As a bonus, you will never forget your PIN. Try it; it works.
2. Keep up with Apple firmware updates. Apple’s well-publicized flaw that allowed access to the address book via the emergency call mechanism was repaired, but only if you applied the patch. Unfortunately, Apple requires the use of desktop tools for firmware updates: Users must run Apple Software Update on their Mac or PC to grab them from iTunes when they become available. I think that’s poor design, especially when BlackBerry and Android demonstrate the ease with which OTA updates can be performed. In an enterprise setting where OTA firmware updates aren’t possible, IT should send iPhone users a broadcast SMS alerting them that they need to dock to iTunes to load an urgent fix. When running iTunes at a work desktop is forbidden by policy (as it should be), easy access to IT-controlled update stations should be arranged.
3. Put your iPhone on a leash. Keeping your phone with you provides the only impenetrable shield against theft or tampering. A comfortable, fashionable holster that suits your style makes it less likely that you’ll nonchalantly toss your phone in your bag when you leave the house. Don’t choose a jacket pocket, a backpack compartment, or any container from which you walk away. In the same vein, don’t let anyone borrow your iPhone. Even your best friend could leave your iPhone, take out his curiosity on your device, or get hoodwinked by a malicious hacker. Treat your iPhone as you do your wallet.
4. Secure your iTunes host. Your PIN affords you little protection if someone gets hold of your computer. That’s because your PC or Mac keeps a complete image of the flash memory in your iPhone. From this recovery image, a skilled hacker could read all of the data on the phone. It only takes a few seconds to move that firmware image from your disk to a thumb drive. And it takes little time or skill to replace that image with one that can reflash your iPhone’s firmware with something nasty. The smartest way to go is to keep your iPhone backups on your own thumb drive. This makes automatic restores and updates slightly more challenging, but it’s worth it.
5. Don’t jailbreak your iPhone. The iPhone jailbreak process purposely disarms the mechanisms that Apple created to protect your data. With App Store, a trusted party tests and vouches for the software, and Apple can trigger an uninstall of an app if a risk is discovered later. The protections offered by open source projects –multiple contributors, readily viewable code, and a central location for comments and fixes — don’t exist in the jailbreak world. I’ll grant that jailbreaking an iPod Touch or a retired iPhone can be good fun. Relying on a jailbroken iPhone as your primary mobile device is idiotic.
It’s so quick and easy to jailbreak an iPhone that it takes a minimum of social engineering to trick a trusting user into bypassing Apple’s built-in guard against modified firmware. It’s a simple sell: By holding down one key while clicking Restore, you don’t waste time waiting for new firmware to download from Apple. Don’t fall for it. Always download firmware directly from Apple.
6. Hide sensitive data in plain sight. The iPhone has no device-wide data encryption. It does support encrypted databases, but the inconvenience of having to unlock the data every time you want to read it may limit your use of it. As an alternative, hide some of your most sensitive data in plain sight by scattering it across nonobvious places, like your iPod library and browser bookmarks. Embed what you really need to protect in nontext form, such as buried among lots of images or audio, to avoid discovery by string scanning of your desktop or firmware. As a bonus (or not, in some cases), using iPod files syncs your secrets across iPod, iTunes, MobileMe, and AppleTV.
7. Use FileVault on the Mac or EFS on Vista. On a Mac, create a separate user account with a strong password, apply FileVault protection (using System Preferences), and activate and manage your iPhone exclusively from that account. If you never leave that account logged in, you can reinforce other desktop protection methods or skip them entirely. On Windows Vista, consider using Encrypted File System (EFS) to encrypt the entire iTunes file tree. Neither of these methods protects data on your iPhone, but it does guard against insertion of doctored firmware or simple copying of data.
8. If you use the iPhone professionally, use Exchange Server for its back end. Exchange Server keeps backups of all messages and mail settings, and most important in my book, it supports remote device blanking. In fact, Exchange is the only way to blank a remote iPhone. One drawback of remote blanking from Exchange Server is that it takes several hours — eight, by Apple’s estimation. But because the mail client is always running, a remote blank can only be circumvented if the thief is smart enough to disable your Exchange account before you discover your iPhone is missing. That’s something he can’t do because, of course, you’ve PIN-locked your device. Make sure that you or your IT department knows how to blank your device, and don’t be shy about triggering a remote blank even if you just suspect your device is missing. You can always recover your data if you find your device.
Several service providers offer hosted Exchange Servers for a small monthly fee. Call to make sure that the provider offers either Exchange Server 2003 with mobile extensions or Exchange Server 2007, and ask whether users are allowed access to Exchange Server’s management console. Without management console access, you can’t remotely blank your phone.
Apple designed the iPhone as a consumer device, so it’s heavy on convenience and light on security. If you want protection, you have to accept some pain. Fortunately, it doesn’t take a lot of time or tech savvy to keep what’s in your iPhone for your eyes only. The oft-repeated recommendations alluded to in the beginning of this story are all worthwhile, but if you augment them creatively, you’ll befuddle the bad guys with techniques they hadn’t considered and that don’t yield to automated cracks. Never overlook unorthodoxy as a means of protection.