FISMA / HIPAA Compliance on iOS
5 May 2011
Last night I presented at the MoDevDC Meetup on the topic of security on the iOS platform. It was a fun discussion among 50+ local mobile developers.
In this presentation, I am going to discuss the technical challenges
of how we secure our app (iForm ES) in order to satisfy various
requirements from FISMA and HIPAA. This is a technical presentation
and code examples will be shared.
- The basics: OS level security, keychain, file attributes,
- Getting to jailbreak proof: local authentication, prevent keyboard
cache, local database encryption
- FISMA/HIPAA Compliance: FIPS 140-2, two factor authentication, intrusion prevention,
end-to-end PKI, X.509 digital signature
Disclaimer: This is not a check list of how to get FISMA/HIPAA certifications. We are simply sharing our experience.
Here is the presentation: MoDevMeetup-05042011
And Code Examples