Apple's iOS 6 mobile operating system is now secure enough for low-level work in the U.S. government after it passed security certification.
The National Institute of Standards and Technology (NIST), which examines and tests mobile devices for security and validation purposes, granted the Apple mobile platform FIPS 140-2 certification (Level 1) last Friday. At this level, devices running the platform can be used in conjunction with the lowest level of security clearance.
It comes just days after the U.S. Department of Defense was reportedly in talks with Apple and Samsung in a bid to approve the two firms' devices for government use. It follows the dropping of an exclusive contract the Dept. of Defense's had with BlackBerry — then named Research in Motion — late last year.
The U.S. government's approval follows seven months after its U.K. counterpart first approved iOS 6-based iPhones and iPads. U.K. government workers are only allowed to use the devices for data deemed "restricted" or below.
The agency said in a validation document it tested iOS 6.0 running on an iPhone 4, 4S, and an iPad (in single-user mode.)
It's not clear, however, if devices running iOS 6.1, or any subsequent update, is covered under the certification.
iOS 6.1 contained a lock screen bug that allowed any potential hacker with access to an affected device to unlock the phone or tablet without knowing the passcode. iOS 6.1.3 fixed the lock screen bug, but also contained yet another flaw that allowed access to some areas of the iPhone while locked.
The validation document states: "The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." CoreCrypto uses FIPS-approved algorithms, such as 3DES, AES, SHS, and around a dozen other algorithms.
Allowing iOS 6-powered iPhones and iPads into the government workspace could considerably change the landscape of market and usage share, as well as where tax-funded IT models shift towards.
Up until now, only BlackBerry devices had been widely used for U.S. government use. The latest BlackBerry 10 devices were given the government go-ahead with FIPS 140-2 certification by both the U.S. and Canadian government, two months before the next-generation devices were even released.
But with the decline in BlackBerry popularity and a slower-than-expected release schedule for the latest BlackBerry 10 smartphones, many government departments were preparing — and already have — jumped ship to rival platforms.
U.S. Immigration and Customs Enforcement (ICE), a division of U.S. Homeland Security, said it would pull the plug on its 17,600 employee BlackBerrys and favor iPhones instead. The deal, according to a "solicitation" document, would be worth $2.1 million — to the U.S. taxpayer, at least.
The National Transportation Safety Board (NTSB) followed suit, but not without a public flogging. The NTSB slammed the BlackBerry maker's devices for "failing both at inopportune times and at an unacceptable rate," and named the iPhone as the prime contender to replace the agency's 400 employee devices.