Configuration profiles on iOS 12 devices contained a known security flaw. Learn how improvements in iOS 12 increase the security of the operating system.
Weak point: iOS Configuration Profiles
iOS configuration profiles are used for easy management of Apple devices (you can learn about recommended iPhone device management in this ultimate guide). For example, they contain information about email, wireless or Exchange settings, security policies, or restrictions. Once created, the configuration profiles can be easily distributed to user devices.
But this simple approach has turned out to be a serious security risk on older devices. Counterfeit configuration profiles can let in malware, make system changes or, in the worst case, completely block the iPhone.
Apple eliminated this issue with iOS 12.
How Apple Closed This Security Gap In iOS 12
The magic term for this is: Complexity. Previously, when a user opened the configuration profiles on delivery, for example by e-mail or banner, it led them directly to the installation. After the update, several extra steps are needed to install configuration profiles, preventing malicious configuration profiles from being instantly installed once they are clicked on.
Once users have clicked on a profile, they will be notified that installation can only be carried out manually in the settings app.
How Does Closing the Security Gap in iOS 12 Affect MDM Systems?
Fortunately, Apple is not making life unnecessarily difficult for MDM solution vendors and businesses. Configuration profiles provided via MDM systems will continue to be installed without this more complex workaround. The user does not have to do anything about this in the future.
If you want to make it easy for your company to manage your iOS devices, find out how Cortado MDM can help you.