iOS 5.1 Hardening Configuration Guide

iOS5.1 Hardening Guide

The Defence Signals Directorate which is part of the Australian Government Department of Defence previously issued a hardening guide in June 2011.

That guide covered iOS 4.3.3 and higher and is still available here: http://www.dsd.gov.au/publications/iOS_Hardening_Guide.pdf.

Within that guide, it was stated:

“DSD does not recommend iOS for use at the PROTECTED/RESTRICTED
level. This guide is intended for use at UNCLASSIFIED and UNCLASSIFIED IN-CONFIDENCE”

Last week, an updated guide was released which is available here. The updated version covers iOS 5.1 or higher.

With the implementation of these new guidelines, an iPad or iPhone running iOS 5.1 can be used with information classified under the Australian Government Security Classification system as PROTECTED (the next classification after TOP SECRET, SECRET and CONFIDENTIAL).

There is of course a caveat:

“Implementing the techniques and settings found in this document can affect system functionality, and may not be appropriate for every user or environment.”

The guide is 71 pages long and has sections covering:

• Chapter One: Introduction to Mobile Device Security Architecture
• Chapter Two: Encryption in iOS
• Chapter Three: Security Features and Capabilities
• Chapter Four: Deploying iOS Devices
• Chapter Five: Suggested Policies
• Chapter Six: Recommended Device Profile Settings
• Chapter Seven: Mobile Device Management

There are then appendices that cover:

• Security Checklist
• Configuration Profiles Format
• Sample Scripts
• Example Scenarios
• Risk Management Guide
• Firewall Rules

The guide is worth having as a point of reference for device security and management even if you are not trying to comply with Australian Government standards.