Apple released its iOS 16 update last week, offering users plenty of lock-screen customisation and the ability to unsend messages and emails. However, the most important updates, to us at least, are those that affect security.
iOS 16 improves device security in a number of ways, which we have broken down below:
The biggest headline in iOS 16 security is the introduction of passkeys. Passkeys are described as an “easier and safer sign-in method”. They are digital keys stored on your device intended to eventually replace passwords as a login method.
Each key is only generated when you create an account or add passkeys as a login option. The key never leaves your device, which means it can never be leaked from a website data breach. Only a handful of websites offer passkeys as a login method so far, but that number is expected to grow now that iOS 16 has been released.
This new feature offers users the chance to bolster their device’s protection from extreme, targeted cyberattacks. It closes off many vulnerable points, reducing the opportunities for hackers to gain access. This does hamper the device’s performance so it’s not a feature for the vast majority of users, only those who know they are seriously threatened by complex, organised cyberattacks.
Every update includes vulnerability fixes, and iOS 16 is no different. Various patches cover minor issues in apps like Contacts, Maps and Safari, but the most important is for the catchily-named CVE-2022-32917. This weakness allowed hackers to execute any code on your device.
iOS 16 is still fairly new, so it’s not surprising that there are a few early bugs in the software. A new version (likely iOS 16.0.1) is expected soon to remove these bugs, but now that these vulnerabilities are public knowledge, it’s vital to protect your devices from potential attacks. These crucial fixes are also available in iOS 15.7 if you want to protect your device without installing iOS 16.
Rapid Security Response
This new option means you can choose to automatically install key security updates. These patches are usually part of a wider update that users must install manually. This feature means your device will always be as secure as possible, while you still have the control over when to update for other optional features.
Keeping up to date with security patches is vital to your cybersecurity, and is included in the Cyber Essentials requirements. Even achieving the basic Cyber Essentials certification can prevent up to 80% of cyberattacks. Contact OmniCyber Security today to find out about getting your organisation certified.