CIS issues free benchmark on iPhone security Kicker: Set of recommendations is designed to reduce attacks, help in erasing data By Matt Hamblen The nonprofit Center for Internet Security today released what it termed the industry's only consensus security benchmark for the iPhone, which is aimed at helping IT managers and users reduce the risk of data stored on the device from being compromised.
The benchmark is free with a required registration at the CIS Web site.
The document takes users through more than 20 simple recommendations for system settings, Safari settings and iPhone Configuration Utility settings, a spokeswoman said. Using the recommendations is designed to help reduce the the chance of a remote attack, with instructions on securely erasing data and setting up strong passwords.
A separate benchmark for multi-function device security provides configuration and deployment guidance for business printers, copiers, scanners and fax machines.
The iPhone benchmark applies to iPhone OS version 2.2.1 and the iPhone Configuratioin Utility version 1.1.043, CIS said.
Blake Frantz, chief technology officer at CIS, said the iPhone presents "security challenges" for enterprises. Some large businesses, such as Kraft Foods and Oracle Corp., have adopted the iPhone for workers on a large scale, although there have been some holdouts in the financial sector, including Bank of America, over security concerns.
Over the past year, CIS has had more than 1 million downloads of its benchmarks, which it develops according to a wide range of standards and with input from 150 members in corporations, government, universities and security organizations, the CIS Web site said.