Apple security guru lays out iPad, iPhone crypto architecture at Black Hat

26.07.2012

The encryption classes include Complete Protection, where a passcode is required to decrypt; Protected with First Unlock, which De Atley said works like full-disk encryption on the desktop; and lastly, simply No Protection from the encryption mechanism, if that's what's desired.

He said Apple has made additional efforts, including entangling the passcode with the device's unique identifier to deter attackers from mounting brute-force attacks. Other safeguards include enabling the device to automatically wipe after 10 failed attempts to enter a passcode.

"The cryptography for this is fairly complicated," said De Atley about the iOS design, which also includes the concept of a keybag that lives on the device all the time for maintaining the class keys.

Apple has built encryption based on the 256-bit Advanced Encryption Standard and the Secure Hash Algorithm into its processors. De Atley said neither Apple nor the manufacturers know the unique identifier, a safeguard he says ensures the user has maximum protection. Apple maintains a global key as a top control point.
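To make the pieces described above concrete (the three protection classes, the passcode entangled with a device-unique identifier, the keybag that holds wrapped class keys, and the wipe after 10 failed attempts), here is a constructed toy model in Python. It is an added illustration written for this page, not Apple's code or the real iOS algorithm: the entanglement is modelled as PBKDF2 with the device UID as salt (iOS runs the derivation through the hardware AES engine keyed by the UID, which is not modelled here), the key wrap is an HMAC-based stand-in for AES key wrap, and the class names, iteration count and UID values are assumptions.

```python
"""Toy model of an iOS-style Data Protection keybag (constructed illustration).

Assumptions: PBKDF2-HMAC-SHA256 with the device UID as salt stands in for the
hardware-keyed derivation; an HMAC-based authenticated wrap stands in for AES
key wrap; class names, iteration count and UID values are made up.
"""
import hashlib
import hmac
import secrets

COMPLETE = b"complete"          # Complete Protection: key present only while unlocked
FIRST_UNLOCK = b"first_unlock"  # Protected with First Unlock: key cached until reboot
NONE = b"none"                  # No Protection: wrapped under the device key only
MAX_FAILED_ATTEMPTS = 10        # from the article: wipe after 10 failed passcode entries
PBKDF2_ITERATIONS = 50_000      # assumption; the real device calibrates this itself


def derive_passcode_key(passcode: str, device_uid: bytes) -> bytes:
    """Entangle the passcode with the device UID: same passcode, different UID,
    different key, so a guess cannot be checked off-device without the UID."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_uid,
                               PBKDF2_ITERATIONS, dklen=32)


def wrap_key(kek: bytes, label: bytes, key: bytes) -> bytes:
    """Toy authenticated wrap: HMAC-derived pad plus an HMAC tag over the result."""
    pad = hmac.new(kek, b"pad:" + label, hashlib.sha256).digest()
    body = bytes(a ^ b for a, b in zip(key, pad))
    tag = hmac.new(kek, b"tag:" + label + body, hashlib.sha256).digest()
    return body + tag


def unwrap_key(kek: bytes, label: bytes, blob: bytes):
    """Return the class key, or None if the wrapping key (passcode or UID) is wrong."""
    body, tag = blob[:32], blob[32:]
    expected = hmac.new(kek, b"tag:" + label + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    pad = hmac.new(kek, b"pad:" + label, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, pad))


class Keybag:
    """Lives on the device all the time; holds class keys in wrapped form."""

    def __init__(self, device_uid: bytes, passcode: str):
        self.device_uid = device_uid
        self.device_key = hashlib.sha256(b"device-key:" + device_uid).digest()
        self.wrapped = {}           # label -> wrapped class key (persisted)
        self.cached = {}            # label -> unwrapped class key (memory only)
        self.failed_attempts = 0
        self.wiped = False
        passcode_key = derive_passcode_key(passcode, device_uid)
        for label in (COMPLETE, FIRST_UNLOCK):
            self.wrapped[label] = wrap_key(passcode_key, label, secrets.token_bytes(32))
        self.wrapped[NONE] = wrap_key(self.device_key, NONE, secrets.token_bytes(32))

    def unlock(self, passcode: str) -> bool:
        """Passcode entry: unwrap the passcode-protected classes or count a failure."""
        if self.wiped:
            return False
        passcode_key = derive_passcode_key(passcode, self.device_uid)
        complete = unwrap_key(passcode_key, COMPLETE, self.wrapped[COMPLETE])
        if complete is None:
            self.failed_attempts += 1
            if self.failed_attempts >= MAX_FAILED_ATTEMPTS:
                self.wipe()
            return False
        self.failed_attempts = 0
        self.cached[COMPLETE] = complete
        self.cached[FIRST_UNLOCK] = unwrap_key(passcode_key, FIRST_UNLOCK,
                                               self.wrapped[FIRST_UNLOCK])
        return True

    def lock(self) -> None:
        # Complete Protection key is dropped; First Unlock key survives until reboot.
        self.cached.pop(COMPLETE, None)

    def reboot(self) -> None:
        self.cached.clear()

    def wipe(self) -> None:
        # Discarding the wrapped keys makes every protected file unrecoverable.
        self.wrapped.clear()
        self.cached.clear()
        self.wiped = True

    def class_key(self, label: bytes):
        if self.wiped:
            return None
        if label == NONE:
            return unwrap_key(self.device_key, NONE, self.wrapped[NONE])
        return self.cached.get(label)


def entangled_with_uid(passcode: str, uid_a: bytes, uid_b: bytes) -> bool:
    """True when the same passcode yields different keys on two different devices."""
    return derive_passcode_key(passcode, uid_a) != derive_passcode_key(passcode, uid_b)
```

The model shows why the UID matters for the defender: a wrapped keybag copied off the device cannot be opened by a correct passcode alone, since the derivation needs the UID the device never exposes, and the failure counter turns repeated wrong guesses on the device itself into a wipe rather than unbounded trials.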

Basically, as is already known, apps from the Apple App Store will not run on users' iOS devices unless they're signed by Apple. Third-party developers can be issued a public-key certificate from Apple to make apps that run on Apple iOS. To build enterprise apps, developers can enroll in the iOS Developer Enterprise program. Each receives an Enterprise Provisioning profile that is installed on the devices they use. This provisioning profile expires annually, said De Atley.