Why Apple says it is the 'most effective security organization in the world'

Amid its battle with the U.S. government over the encryption of its iPhones, Apple held a press briefing to showcase just how deep its commitment to security goes. According to The Verge, Apple said it has the "most effective security organization in the world," a fact it spent much of the April 20 briefing defending.

One of the cornerstones of the presentation was the Cupertino, Calif. company's philosophy on security, which it described again and again as "balancing security with ease of use," says Re/code author Ben Bajarin. According to Bajarn, it is precisely this approach – Apple's understanding that without ease of use, their security systems would be useless – that makes them so successful.

To highlight this point, Bajarn calls to memory the days before TouchID, when companies required their employees secure their devices with PINs – often as long as eight characters. With iOS users now unlocking their devices an average of 80 times a day, according to Apple's briefing, entering lengthy passwords every time would be unthinkable. In that context, Apple's introduction of TouchID marks massive strides forward in both usability and security, with each enabling the other. It is no wonder, then, that nearly 90 percent of people who own a device capable of running TouchID have set it up and use it, according to Apple. 

Looking more holistically at iPhone security on the device level, Apple also took time during the briefing to explain just how big of an impact its insistence on controlling production of even the smallest hardware components has on security. From the moment an iPhone powers on, a unique chip known as the Boot ROM asks iOS for a unique certificate, preventing attackers from running their own software to try to steal data from the phone. 

According to The Verge, Apple engineers explained that by designing the startup process the way they did, with a validation process occurring right away, "the chances of there being a bug at the low level is very, very low."

In addition to industry-standard encryption capabilities, Apple uses proprietary systems like the Secure Enclave to lock down user information at a far more comprehensive level. A coprocessor nestled within the iPhone's processor (A7, A8, etc.), the Secure Enclave uses its own encryption system – creating keys even unknown to Apple – to protect everything from the phone's start-up process to the individual files it contains. According to Bajarn, the Secure Enclave creates the iPhone's all-or-nothing security environment, meaning there is no way to break into just a section of an iOS device's memory – hackers need the passcode or they "get nothing." 

Apple's commitment to bringing best-of-class security to its mobile devices is one of the many reasons its hardware is ideal for the enterprise. To learn more about how your workforce could benefit from an Apple-based IT environment, contact MC Services today!