Apple INDIGO
Native data protection with iPhone and iPad
Data security is mandatory for companies
Cyber attacks are a threat to companies of all sizes, as cyber criminals operate without borders. Companies must therefore be aware of the risks and threats of cyber attacks and take appropriate measures to ensure that their own data is protected both at the company headquarters and when accessing it via mobile devices.
For the use of iPhones and iPads, Apple offers INDIGO, a native option for data backup without requirement of any additional software, third-party apps or hardware.
The effective security mechanisms enable secure release and processing of classified data up to classification level VS-NfD.
Aufgrund dieser leistungsfähigen Absicherung wurde der Einsatz von Apple INDIGO durch das Bundesamt für Sicherheit in der Informationstechnik im staatlichen Umfeld empfohlen.
What is Apple INDIGO?
INDIGO stands for iOS Native Device In Government Operation and is a hardened operating system configuration from Apple for iOS (from version 15.1) and iPadOS (from version 15.6.1), with which highly secure and ultra-mobile working can be realized.
Thanks to native integration at device level, the security solution is without additional software, apps or hardware. This simplifies implementation and reduces ongoing maintenance and support costs.
Another key advantage of using INDIGO is that Apple, as the manufacturer, guarantees highly secure use in accordance with the VS-NfD standard for Apple iPhone and iPad devices for up to 6 years.
This technological planning security enables companies and public authorities to plan the use of their mobile devices for longer periods of time and thus realize major savings.
Advantages of Apple INDIGO for organizations with special protection needs
- Native security solution for iPhone and iPads at device level
- Ideal for solutions of highly secure and ultra-mobile working
- No additional apps or third-party software required
- Meets the VS-NfD classification level for high security of classified data
- Solution is suitable for NIS2 EU directive
- DSGVO compliant
- Planning security thanks to 6-year manufacturer’s warranty for INDIGO
- High savings potential through longer use of appliances
- Private use of end devices possible
- Working in a modern and familiar (device) environment
VS-NfD provides maximum data security
In response to increasing cybersecurity threats, security solutions used for all types of end devices must be continuously made more capable in order to offer sufficient protection.
The VS-NfD classification level required by public authorities enables secure connections to IT networks via VPN. VS-NfD is also used in the civilian sector when maximum data security must be guaranteed – for example, in the government environment, at private companies that are subject to secrecy protection and by emergency services such as the THW or DRK.
Which industries or sectors will benefit from Apple INDIGO as a security solution?
Private sector
- Energy suppliers
- Defense industry
- Critical infrastructure
- Banking
- Healthcare
- Companies with high protection requirements
Public sector
- Authorities
- Administration (federal government, federal states, municipalities)
- Police
- Relief units
- DRK, THW, etc.
Requirements for VS-NfD classified data processing
In order to correctly implement a secure solution with INDIGO, it is necessary to comply exactly and completely with the procedural guidelines and specifications for the VS-NfD confidentiality level.
There are two key prerequisites for this:
- an approved VPN from a certified provider, and
- a darksite MDM that makes the communication of end devices on the Internet invisible to third parties.
Thanks to the strategic partnership, agilimo Consulting Rohde Schwarz Cybersecurity can cover all customer requirements for VS-NfDfrom a single source.
Three components are required to fulfill the VSA requirements of the BSI:
- an Apple end device
- a VS-NfD-approved VPN gateway
- a MDM Darksite (optionally Brightsite, if approved by BSI)
MDM systems that enable pure darksite operation and already meet the VSA requirements can be used for darksite implementation.
To meet the VSA requirements, a Brightsite MDM must be certified by the BSI to EAL 4+ or higher. There are currently no Brightsite MDMs available that meet the VSA requirements.
BSI recommends Apple INDIGO release
The German Federal Office for Information Security (BSI) has examined the INDIGO platform and issued its recommendation for the release of INDIGO for the processing of VS-NfD-classified data in government use on commercially available iPhones and iPads.
For the upcoming NIS2 EU directive to improve cyber security in organizations and companies, INDIGO offers a tested, practical and, above all, native solution for implementation, in which commercially available iPhones or iPads can be used for highly secure mobile working. INDIGO is the first US product to be included on the list of BSI approval recommendations.
One-stop service: agilimo realizes your Apple INDIGO project
As strategic partners, agilimo Consulting and Rohde Schwarz Cybersecurity implement highly secure and ultra-mobile security solutions from a single source thatfully meet all VS-NfD requirements . Our customers thus receive all the required services of their INDIGO solution centrally:
- Compliance with all VS-NfD specifications incl. advice and devices
- Actual state analysis and security audit
- Purchase, registration and staging of mobile devices (iPhones / iPads)
- Implementation, rollout and support of your INDIGO project
Combined expertise - certified encryption meets highly secure mobile working
IT security expert Rohde Schwarz Cybersecurity offers encryption solutions approved by the German Federal Office for Information Security (BSI) and is one of the leading security companies for endpoint and network security. Together with agilimo, the security expertise is also being extended to mobile devices.
For many years, agilimo Consulting has been one of the top specialists in Germany for highly secure working with mobile devices and supports not only private companies but also numerous government-related organizations.
In order to be able to implement solutions with VS-NfD standard, our security specialists have been successfully working with technology from Rohde Schwarz Cybersecurity, such as RS Trusted VPN Gateway or RS Trusted Disk, in their projects for several years.
Managed Security Service Provider with German SOC
As a Managed Security Service Provider (MSSP) , agilimo Consulting also offers outsourced monitoring and management of security devices and systems.
With our highly available German Security Operation Center (SOC), we provide tailored services for your company around the clock on request.
Here we fulfill the criteria of the TeleTrusT trust mark “IT Security Made in Germany“.