Microsoft is mandating that all employees based in China switch from Android phones to Apple iPhones for work-related tasks, citing cybersecurity concerns as the primary reason for this change. The directive requires the use of Microsoft’s Authenticator password manager and Identity Pass app on iPhones to verify employee identities for logging into work devices. Consequently, Android access will no longer be permitted.
According to an internal memo reported by Bloomberg, the affected employees—numbering in the hundreds-will each be provided with an iPhone 15, which they can collect at designated locations in Mainland China or Hong Kong. This policy change means that popular Android devices from brands such as Xiaomi, Huawei, Redmi, OnePlus, and Oppo will be banned for work use.
Microsoft clarified the rationale behind this move in a statement to PCMag, explaining that the necessary apps are only available through the Google Play Store and the Apple App Store. The statement explained, “Microsoft Authenticator and Identity Pass apps are officially accessible on both the Apple App Store and Google Play Store. Since Google Mobile Services are unavailable in this region, we aim to provide employees with a means to access these necessary apps, such as through an iOS device.”
This shift towards utilizing security-focused apps is part of Microsoft’s broader Secure Future Initiative, launched in November 2023 to enhance its cybersecurity framework. Despite these enhanced measures, Microsoft’s corporate email systems were compromised earlier this year by Russian hackers. Additionally, in February, a third-party cybersecurity firm gained access to internal Microsoft data on an Azure cloud server that did not have a password.
The transition to iPhones for Chinese employees underscores Microsoft’s ongoing efforts to fortify its cybersecurity defenses. The move aims to mitigate risks associated with the unavailability of Google Mobile Services in the region and to ensure that employees can securely access the required authentication apps. By enforcing this policy, Microsoft hopes to prevent further breaches and protect its sensitive corporate information from potential cyber threats.