Download our FREE whitepaper on data loss prevention best practices. Download Now

Apple Introduces USB Restricted Mode

The latest iOS update, 11.4.1, released last Monday, brings with it a new feature meant to safeguard users’ data: USB restricted mode. From now on, if iOS devices have not been unlocked within the past hour, users will be required to enter their passcode when connecting to a Mac or PC or when trying to connect USB accessories to their iPhone, iPad or iPod touch.

This needs to be done only once when first connecting. Even if the devices are then locked, the USB accessories or computer connection will continue. If users don’t first unlock their passcode-protected iOS devices or they haven’t done so in the past hour, their devices will not communicate with the accessory or computer and, in some cases, not even charge. They might also see an alert asking them to unlock their device to use accessories.

Meeting security concerns

While this feature may have little impact on the everyday use of iOS devices – after all, most users unlock their phones multiple times in an hour – it will be very useful in preventing unwanted individuals from stealing or accessing data stored on them.

The update comes in the wake of the emergence of devices like GrayKey which have been allegedly used by law enforcement to crack iOS devices’ passcodes. While iOS has built-in security features that prevent too many passcode guesses and lock down devices or erase data on them depending on settings after 10 incorrect attempts, these safeguards can seemingly be bypassed through USB or the Lightning port and thus allow for the passcode to be cracked within a few hours.

Through its most recent update, Apple has taken steps to prevent the use of such forensic devices by data thieves and law enforcement to access data on stolen or confiscated iOS devices. By limiting the time between unlocks to one hour, Apple could effectively be subverting their use.

Enabled by default

USB Restricted Mode will be automatically enabled with the installation of iOS 11.4.1.  This means that every time a user will connect a USB accessory, they will first have to unlock their device for it to connect and start working. After that, the accessory will stay connected as long as it remains attached, even if the iOS device will be locked.

Users have the option to disable the USB Restricted Mode, although we recommend against it. All they have to do is go to Settings -> Face ID (or Touch ID) & Passcode -> USB Accessories and turn it on by toggling the selector. Accessories will then function without the additional layer of security.

explainer-c_learning

Download our free ebook on
Data Loss Prevention Best Practices

Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.

In this article:

    Request Demo
    check mark

    Your request for Endpoint Protector was sent!
    One of our representatives will contact you shortly to schedule a demo.

    * Your privacy is important to us. Check out our Privacy Policy for more information.