Microsoft will require its employees in China to only use iPhones because of improved security features.
The move comes as Microsoft is undertaking a major cybersecurity overhaul. The project, known internally as the Secure Future Initiative, comes after Microsoft came under fire for its substandard security practices. Microsoft’s new policy, which goes into effect in September, means employees in China will only be allowed to use iPhones for work, as first reported by BloombergThe new rule is intended to effectively limit the number of Android phones used by Microsoft’s Chinese employees.
Microsoft will require employees to verify their identity and use two-factor authentication when logging in to their work phone.
Microsoft had to ask its employees to use iPhones only for work because certain security apps like Microsoft Authenticator and the Identity Pass app weren’t available on other operating systems in China. In the US and other countries, those two apps are also available on Google Play. But Google Play isn’t active in China, meaning Microsoft employees could only get the relevant security apps on an Apple iPhone.
“Due to the lack of availability of Google Mobile Services in this region, we are working to provide employees with a way to access these required apps, such as an iOS device,” a Microsoft spokesperson said. Fortune in an email.
Employees in China who don’t have an iPhone will get one from Microsoft, according to Bloomberg.
Chinese Android phones from companies like Huawei and Xiaomi have their own platforms. Microsoft’s ban on Chinese smartphones is an example of a divergent digital ecosystem between China and the US, with the two governments and major companies that work with them increasingly reluctant to give each other access to sensitive materials.
China has its own search engines and social media platforms, where American giants like Facebook are banned. Its internet censors are legendary for their breadth and severity. Meanwhile, in the US, the White House has restricted the export of cutting-edge semiconductor technology to Chinese companies. And Congress has passed a bill that would force the sale of China’s TikTok to a US buyer over concerns that the social media platform could be used to influence public opinion.
Cybersecurity became a top priority for Microsoft after it was discovered last year that its cloud systems had been compromised by state-backed Chinese hackers. The cyberattack came ahead of Secretary of State Anthony Blinken’s visit to Beijing in June 2023, further exacerbating tensions between the U.S. and China. The hack raised major red flags about Microsoft’s security practices. In April, a federal agency released a damning report concluding that “Microsoft’s security culture was inadequate.”
In March, a U.S. federal court indicted a group of Chinese hackers for a separate series of cyberattacks that took place in 2018. The Chinese embassy in Washington, D.C., said the charges were baseless. “Without valid evidence, the U.S. drew an unwarranted conclusion and made groundless accusations against China,” Liu Pengyu, an embassy spokesman, said at the time.
As relations between the U.S. and China have become increasingly strained, both sides have tried to block the other’s cyber capabilities. Since 2023, Chinese government-backed companies have ordered their employees to stop using foreign smartphones from manufacturers like Apple and Samsung. Meanwhile, China has tried to surveil swaths of the U.S. with its own covert methods. Early last year, China sent several spy balloons into the U.S. Even electric vehicles and connected cars have come under scrutiny, seen as a covert way to surveil Americans. The Biden administration is considering a ban on all Chinese smart cars after a national security investigation found that they collect passenger data and use external sensors to gather information about U.S. infrastructure. A recent Fortune Research has shown that self-driving cars in China have already traveled 2.9 million kilometers on American roads.
Those tensions have only increased after a report published on Tuesday by an Australia-led coalition of intelligence agencies including those from the US, UK, Japan and Germany detailed repeated cyberattacks by China’s top spy agency.