Microsoft will require its employees in China to use only iPhones due to their enhanced security features.
The move comes as Microsoft undertakes a major cybersecurity overhaul. The project, known internally as the Secure Future Initiative, comes after Microsoft faced scrutiny for its subpar security practices. Microsoft’s new policy, which will take effect in September, means that employees in China will only be able to use iPhones for work, as it first reported Bloomberg. The new rule is intended to effectively limit the number of Android phones used by Microsoft’s Chinese employees.
Microsoft will begin requiring employees to verify their identity and use two-factor authentication when logging in to their work phones.
Microsoft had to ask its employees to only use iPhones for work because some security apps, such as Microsoft Authenticator and the Identity Pass app, were not available on any other operating system in China. In the US and other countries, these two apps are also available on Google Play. But Google Play doesn’t work in China, which means Microsoft employees could only get relevant security apps on the Apple iPhone.
“Due to the lack of availability of Google mobile services in this region, we strive to offer employees a means to access these required applications, such as an iOS device,” a Microsoft spokesperson said. Luck in email.
Microsoft will give employees in China who don’t have an iPhone an iPhone Bloomberg.
Chinese Android phones made by companies like Huawei and Xiaomi run their own platforms. Microsoft’s ban on Chinese smartphones is emblematic of the divergent digital ecosystem between China and the US, where the two governments and the big corporations that work with them are increasingly wary of giving the other access to sensitive material.
China has its own search engines and social media platforms where US giants like Facebook are banned. Its internet censors are legendary for their breadth and severity. Meanwhile, in the US, the White House has restricted exports of the most sophisticated semiconductor technology to Chinese companies. And Congress passed a bill that would force the sale of China’s TikTok to an American buyer amid concerns that the social media platform could be used to sway public opinion.
Cybersecurity has become a top priority for Microsoft after it was discovered last year that its cloud systems had been breached by state-sponsored Chinese hackers. The cyber attack came ahead of Secretary of State Anthony Blinken’s visit to Beijing in June 2023, further exacerbating tensions between the US and China. The hack raised major red flags about Microsoft’s security practices. In April, the federal agency released a scathing report that found Microsoft’s “security culture was inadequate.”
In March, a US federal court charged a group of Chinese hackers with a separate set of cyber attacks that occurred in 2018. The Chinese embassy in Washington DC said the allegations were baseless. “Without valid evidence, the US jumped to an unjustified conclusion and made baseless accusations against China,” embassy spokesman Liu Pengyu said at the time.
As the relationship between the US and China becomes more strained, both sides are trying to defend the other’s cyber capabilities. Starting in 2023, Chinese government-backed companies have ordered employees to stop using foreign smartphones from manufacturers such as Apple and Samsung. Meanwhile, China tried to spy on parts of the US with its own covert methods. Early last year, China sent several spy balloons to the US. Even electric vehicles and connected cars have been caught in the crosshairs, which is believed to be a covert way to track Americans. The Biden administration is considering a ban on all Chinese smart cars after a national security investigation found they collect passenger data and use external sensors to gather information about US infrastructure. Recent Luck investigation found that Chinese self-driving cars have already driven 1.8 million miles on American roads.
Those tensions only rose after a report released on Tuesday by an Australian intelligence consortium including those from the US, UK, Japan and Germany detailed repeated cyber attacks by China’s top spy agency.