Skip to main content

How to implement the CIS benchmark for better iOS security

The Center for Internet Security (CIS) benchmark is a widely regarded and comprehensive checklist for organizations to follow when securing iPad and iPhone devices.

Who is the CIS?

As a nonprofit organization, the CIS focuses on enhancing the cybersecurity readiness and response of public and private sector entities.

How was the CIS benchmark created?

The CIS Benchmark was created using a consensus review process comprised of subject matter experts. Each CIS benchmark undergoes two phases of consensus review. The first phase occurs during initial benchmark development. During this phase, subject matter experts convene to discuss, create and test working drafts of the benchmark. The second phase begins after the benchmark has been published. During this phase, all feedback provided by the Internet community is reviewed by the consensus team for incorporation in the benchmark.

CIS and iOS management basics

Prior to following the CIS recommendation for securing iOS, there are a few concepts you should understand.

  • Mobile device management (MDM) is Apple’s built-in management framework for iOS, macOS and tvOS. Jamf Pro is the standard solution for Apple MDM.
  • Configuration profiles define settings on iOS devices and are distributed to devices via MDM.
  • Supervision provides a deeper level of iOS management once devices are enrolled into management via Apple’s deployment programs or Apple Configurator.
  • Security requirements are based on an organization’s device ownership model: personally-owned or institutionally-owned.
  • Security level defines the requirements and settings that must be applied to each device ownership model.
  • Apple Push Notification service (APNs) is required for iOS management.

What you need to do to better secure iOS

For starters, download our complete checklist on iOS security, which walks you step-by-step through the CIS recommendations for both personally-owned and institutionally-owned device environments.

In this checklist, you’ll see:

  • Ways to properly set up iOS devices
  • Which iOS functionality to enable or disable
  • Best practices for passcode enforcement

Download Now

Have Mac, too?

Perfect! We’ve got a security guide for that.

Not already a customer?

Put our guides to the test with a free trial.