Apple Platform Security
-
Welcome
-
Intro to Apple platform security
-
-
System security overview
-
Secure software updates
-
Operating system integrity
-
-
Additional macOS system security capabilities
-
Signed system volume security
-
System Integrity Protection
-
Trust caches
-
Peripheral processor security
-
Rosetta 2 on a Mac with Apple silicon
-
Direct memory access protections
-
Kernel extensions
-
Option ROM security
-
UEFI firmware security in an Intel-based Mac
-
-
System security for watchOS
-
Random number generation
-
Apple Security Research Device
-
-
-
Encryption and Data Protection overview
-
Passcodes and passwords
-
-
Data Protection overview
-
Data Protection
-
Data Protection classes
-
Keybags for Data Protection
-
Protecting keys in alternate boot modes
-
Protecting user data in the face of attack
-
Sealed Key Protection (SKP)
-
Activating data connections securely in iOS and iPadOS
-
Role of Apple File System
-
Keychain data protection
-
-
Digital signing and encryption
-
-
-
Services security overview
-
-
Apple Pay security overview
-
Apple Pay component security
-
Secure Element and NFC controller
-
Payment authorization with Apple Pay
-
Paying with cards using Apple Pay
-
Contactless passes in Apple Pay
-
Rendering cards unusable with Apple Pay
-
Apple Cash security
-
Apple Card security
-
Adding transit and student ID cards to Wallet
-
-
Business Chat security
-
FaceTime security
-
Apple car keys security
-
-
Glossary
-
Document revision history
-
Copyright

Secure device management overview
iOS, iPadOS, macOS, and tvOS support flexible security policies and configurations that are easy to enforce and manage. Through them, organizations can protect corporate information and ensure that employees meet enterprise requirements, even if they are using devices they’ve provided themselves—for example, as part of a “bring your own device” (BYOD) program.
Organizations can use resources such as password protection, configuration profiles, remote wipe, and third-party mobile device management (MDM) solutions to manage fleets of devices and help keep corporate data secure, even when employees access this data on their personal devices.
In iOS 13 or later, iPadOS 13.1 or later, and macOS 10.15 or later, Apple devices support a new user enrollment option specifically designed for BYOD programs. User enrollments provide more autonomy for users on their own devices, while increasing the security of enterprise data by storing it on a separate, cryptographically protected APFS (Apple File System) volume. This provides a better balance of security, privacy, and user experience for BYOD programs.