, , ,

BSI approves core security functions of iPhone and iPad

We want to draw your attention to the following publication issued by the German Federal Office for Information Security (BSI):

https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/221005_Apple_Sicherheitsfunktionen.html 

In a nutshell for the non-German readers, the article states that Apple has agreed to an independent evaluation of the core security functions of iOS and iPadOS by BSI. This evaluation has been conducted according to the national requirements on equipment to be used for handling classified information. These requirements are comparable to the standards and the methodology of Common Criteria. The evaluation results confirm the effectiveness of the core security functions integrated in iOS and iPadOS. This includes also Apple’s first party apps for email, calendar and contacts. As a result, off-the-shelf iPhones and iPads are cleared for governmental use of German authorities including handling of classified information up to the level “Nur fuer den Dienstgebrauch” (VS-NfD) as long as the requirements specified for the operational environment are fulfilled. BSI and Apple have agreed to continue their collaboration and that future versions of iOS and iPadOS will regularly undergo follow-up evaluations. 

atsec participated in this project on the one hand by performing evaluation activities by a team of approved evaluators and on the other hand by providing consultancy through an independent team of consultants to achieve this milestone.