iOS 9 included a small, but resoundingly impactful change to how many users interact with their iPhones and iPads.
Going from the ubiquitous four digit PIN to a six digit PIN may seem trivial. However, adding two number digits increases the number of possible PINs from 10,000 to 1 Million. According to the IBM (inforgraphic):
- 4 digit numeric PIN can be cracked in as little as 18 minutes
- 6 digit alphanumeric PIN would take 196 years
That's 5.7 MILLION times longer to crack. Simply put, longer and complex device PINs are a first line of defense against unauthorized access to data on the device. IBM further recommends investigating additional ways to strengthen the security of data living on the mobile device.
Three additional areas that you might consider:
- Keep work data and applications in a separate and secured area on the device away from personal data and applications. PINs are great until the employee hands their iPhone to their kids.
- Have a mechanism that can detect brute force attacks on the PIN, and have it automatically wipe sensitive corporate data before security is compromised.
- Encrypt the data on the device. Data encryption provides an additional layer of security should an attack ever circumvent the device PIN.