Should I Consider Using Apple Lockdown Mode On My Organisation’s Devices?

• Lockdown Mode is a new security feature to be released in the Autumn updates of iOS 16, iPadOS16, and macOS Ventura.
• It’s a direct trade-off between security and functionality as it strips away most of the functionality that we take for granted when using an Apple device.
• Lockdown Mode can be set at a device level, your organisation has the flexibility to decide which device(s) and when it’s used.

What is Lockdown Mode?

Apple recently announced Lockdown Mode as part of the iOS 16, iPadOS16, and macOS Ventura updates coming this Autumn. As you’d expect from the name, it’s an extreme security feature that attempts to make your device a fortress. The aim is to protect against the most sophisticated digital threats and, in particular, spyware. It’s been developed in response to the use of the controversial Pegasus Spyware by certain governments to hack activists, journalists, and diplomats. It specifically protects the device rather than data when it’s being shared digitally (given the rise of encrypted communication methods).

What does Lockdown Mode do?

It’s important to note that Lockdown Mode is optional: it can be toggled on or off in the device settings. When it’s turned on, Lockdown Mode places strict limits on functionality. These include:

• Messages – most message attachment types other than images are blocked. Some features, like link previews, are disabled.
• Web browsing – certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
• Apple services – incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
• Wired connections with a computer or accessory are blocked when iPhone is locked.
• Configuration profiles cannot be installed, and the device cannot enrol into mobile device management (MDM), while Lockdown Mode is turned on.

In a nutshell, it strips away most of the functionality that we take for granted when using an Apple device. It’s a direct trade-off between security and functionality because, at least for now, you can’t personalise Lockdown Mode: it’s fully on or not at all. However, the standard Apple security remains unaffected as would any applications added by your organisation.

When would Lockdown Mode be useful for my organisation?

Lockdown Mode was designed for those who might be the subject of cyber-attacks from hostile powers. So, if you’re an organisation that has information that someone else really wants, you might want to consider utilising Lockdown Mode to bolster your security. This could work as well for companies with highly secret proprietary information.

At the other end of the scale, the restrictions placed on the device (and the user) would be disproportionately onerous for most organisations. It would be safe, but you wouldn’t be able to open a word file attached to an email: is that level of security compared to the risk you face?

Of course, given that Lockdown Mode can be set at a device level, your organisation has the flexibility to decide which device(s) and when it’s used. This allows you to tailor the security to specific scenarios. For example, when travelling, it might make sense for Lockdown Mode to be enabled in case the device is lost and you wouldn’t immediately know.

Need help deciding the best IT setup for your organisation? Get in touch!