Microsoft will reveal details of its iOS security plans at RSA 2020
AFP via Getty Images
Microsoft and Apple may seem like odd security-bedfellows, or at least at odds with each other, but a public preview of a Microsoft Defender Advanced Threat Protection (ATP) client for business Macs started last year. At the annual RSA security conference in San Francisco, which starts February 24, Microsoft is set to reveal details of how it will also help secure iOS devices. The question is, how do you feel about Microsoft securing your iPhone?
Apple already has a good iPhone security track record
Despite the odd research outlier, such as the survey that concluded Google was more trustworthy than Apple with regards to data encryption, Apple has a pretty good security record. When it comes to the security of iPhones, Apple is on some very solid ground indeed. Helped in no small part by such things as the vulnerability hunting program with a $1.5 million (£1.1 million) bounty for uncovering the most serious of flaws.
That said, security toolkits that work in any meaningful way on an iPhone are, well, few and far between. I have likened this to finding a needle in a thousand haystacks before now. Not least as rules regarding the scanning of other apps and data serve to keep true antivirus apps out of the App Store. Sure, there are a few potential exceptions such as the app that claims to be able to tell if your iPhone has been hacked by looking for consequential effects and anomalies, but could Microsoft be about to change all that?
How will Microsoft secure your iPhone?
Moti Gindi, Microsoft’s corporate vice-president for Microsoft Threat Protection, let slip plans to bring security solutions to iOS, and Android for that matter, in a blog posting announcing the public preview of Microsoft Defender ATP for Linux. “Next week at the RSA Conference, we’ll provide a preview of our investments in mobile threat defense with the work we’re doing to bring our solutions to Android and iOS,” Gindi wrote. Details have been scarce, as you might expect given that detail is what the RSA announcements are meant to provide. However, that doesn’t mean they are completely absent from the tech news landscape. In an interview with CNBC, Microsoft corporate vice-president, Rob Lefferts, spoke about how malware “happens” on both Android and iOS platforms despite them both being pretty safe: “pretty safe is not the same as safe,” Lefferts said. He also mentioned how users of mobile devices are open to phishing attacks and that Defender could make them less vulnerable.
This is of interest as earlier this month I reported how Apple Mac threats were outpacing Microsoft Windows ones by a ratio of two to one. The nature of those threats being social engineering in one form or another. While it is almost certain, at least to start with, the Microsoft Defender security solutions will only be available to protect organizations and their employees, it remains to be seen how the iPhone app actually works. Given the app scanning restrictions I mentioned earlier, it’s likely that Defender for iOS is going to focus more on preventing the loading of potentially malicious apps from outside of the App Store, that and anti-phishing mechanisms in conjunction with the enterprise platform.
Is the devil in the delivery detail?
Regardless of how Microsoft will deliver the Defender security solution to iOS devices, the devil will be in that delivery mechanism. This is, I would suggest, because the broader question among Apple users is how much it can trust Microsoft to deliver the goods. First things first, Microsoft Defender is the default, and rather good these days, security application for Windows. The enterprise-level Microsoft Defender Advanced Threat Protection (ATP) product raises the bar even further. These are solid security performers, and there is absolutely no doubt about that. Where the doubts tend to creep in is with that “able to deliver” question; Windows users have experienced security updates that have broken Windows Defender, as it was known at the time and another that could break Windows Defender Advanced Threat Protection for some users. The complexity of the Windows update process is both well-documented and a cause of concern for many users.
All will, no doubt, be revealed at RSA this coming week. One thing is for sure, it will be a very interesting week ahead.