New FIPS 140-2 certification could broaden government use of iOS 6

passcode

There’s been a lot of talk lately regarding Apple and its efforts to broaden the use of iOS in government agencies. The latest report says the US Department of Defense is close to granting both the iPhone and iPad approval for secure use.

Today comes word that the DoD might have just received the green-light it needed to move forward. The National Institute of Standards and Technology (or NIST) just announced that iOS 6 has achieved FIPS 140-2 certification (Level 1)…

FIPS stands for Federal Information Processing Standard—a standard developed by the US government for use in its computers. Level 1 is the lowest level of security, as no physical security mechanisms (hardware add ons) are necessary.

From the NIST website (via TUAW):

“Apple iOS CoreCrypto Kernel Module v3.0, when operated in FIPS mode, “generates cryptographic keys whose strengths are modified by available entropy”. CoreCrypto is described as “a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.”

This essentially means that with the right software on it, an iOS 6 device is secure enough to pass the government’s ‘level 1’ security requirements. So while you wouldn’t store any national secrets on it, it’s at least ok for every day government use.

The site says iOS 6 was cleared on an iPhone 4, 4S and iPad in single-user mode, but it’s unknown if newer products like the iPhone 5 and iPad mini can also claim level 1 status. Either way, the news is great for Apple and its enterprise team.

It seems we’ve hit some sort of transitional period in mobile tech, where many companies and agencies are in the process of trading in their old BlackBerries for newer handsets. And a huge payday awaits for whoever can win their business.