Apple has made significant strides in getting some of its mobile devices adopted by large enterprises, but a problem in iOS 9 could cause issues for information workers who want to access their corporate network via a virtual private network (VPN).

Cisco posted a Facebook alert about the flaw, which remains in the most current version of iOS 9 and involves a malfunction in the Tunnel All DNS option in Cisco’s AnyConnect VPN product. It means remote workers may not be able to access some servers, although not necessarily all of them.

The iOS 9 bug is not limited to Cisco AnyConnect but potentially affects many similar products, as well, according to InfoWorld. It’s an issue that could prove frustrating for iPhone or iPad users who decided to upgrade to Apple’s latest mobile OS early since they would now have to figure out a way to move back to iOS 8.4.1, which is immune to the VPN connectivity flaw.

ZDNet said the only option is for iOS 9 users to first ensure they have backed up their device using iTunes. Although some might have assumed iCloud would be the more logical tool for this task, iTunes has a restore feature that can essentially make it seem like the upgrade never happened — and, perhaps more importantly, get them the corporate access they need.

Ironically, Apple and others have been working hard to prove that iOS 9 is one of the most secure mobile platforms in the industry, FierceMobileIT pointed out. This includes the ability for IT administrators to push apps to employee devices without going through the App Store or relying on an Apple ID, and the ability to integrate with enterprise mobile management software. An inability to get into the corporate network via VPN, however, may have IT departments putting off upgrades until a newer iteration of the beta is available.

Softpedia said that the iOS 9 bug could have something to do with the way some companies set up a particular VPN. Over time, this flaw will no doubt be resolved by Apple, but it shows that companies moving to a bring-your-own-device (BYOD) policy may need to think through potential connectivity snags as they allow employees more choice over the kinds of technologies they use.

more from

X-Force 2022 Insights: An Expanding OT Threat Landscape

This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape is expanding dramatically and OT…