iCloud, pri­vacy and se­cu­rity

Wor­ried about the safety of cloud ser­vices? Keep your ac­count and data safe as houses

Mac Format - - FEATURE -

So­cial engi­neer­ing could en­able some­one to get past se­cu­rity ques­tions if they know enough about you

Se­cu­rity and pri­vacy are ma­jor con­cerns when util­is­ing any

cloud-based ser­vice. With wor­ry­ing reg­u­lar­ity, news re­ports re­veal yet another high-pro­file in­dus­try gi­ant has been hacked, pass­words and user data un­cer­e­mo­ni­ously hurled into an in­ter­net back­wa­ter. And, ul­ti­mately, any data that’s on­line could in the­ory be ac­cessed by some­one other than you. For­tu­nately, though, Ap­ple makes it ex­tremely tough for any­one to break into your ac­count, through a mix of tech­nol­ogy and rec­om­men­da­tions.

Ap­ple states iCloud “uses a min­i­mum of 128-bit AES en­cryp­tion – the same level of se­cu­rity em­ployed by ma­jor fi­nan­cial in­sti­tu­tions – and never pro­vides en­cryp­tion keys to any third par­ties”. Ap­ple adds that en­cryp­tion keys for the likes of iCloud Key­chain (which syncs Sa­fari user­names and pass­words, pay­ment card info, and Wi-Fi net­work de­tails) are cre­ated on your de­vices, and Ap­ple can’t ac­cess the keys, nor can it see or ac­cess your data. When set­ting up, de­vices re­quire ap­proval from another, al­ready autho­rised de­vice to en­sure noth­ing dodgy is go­ing on.

But when it comes to sim­ply signing into iCloud Drive and other ser­vices or con­tent that use your Ap­ple ID, they are by de­fault pro­tected only by your user­name and pass­word. The for­mer is an email ad­dress and may be easy to guess; there­fore, en­sure your pass­word very much isn’t. Sim­i­larly, when asked to in­put an­swers to se­cu­rity ques­tions, there’s scope for ob­fus­ca­tion. So­cial engi­neer­ing could en­able some­one to blaze through such a thin bar­rier if they know enough about you, but not if rather than en­ter­ing your mother’s ac­tual maiden name, you in­stead use a string of sym­bols that you note down some­where safe so you your­self can later re­fer to them.

Un­der lock and key

To fur­ther se­cure your ac­count, turn on two-factor au­then­ti­ca­tion. This can be started in Sys­tem Pref­er­ences’ iCloud pane: click Ac­count De­tails, then the Se­cu­rity tab. Turn on two-factor au­then­ti­ca­tion and run through the process. Once done, when you sign in to Ap­ple ser­vices us­ing your Ap­ple ID you’ll be asked to ver­ify your iden­tity with a six-digit code sent to another de­vice or a phone num­ber you trust.

When it comes to pri­vacy in gen­eral, it’s also worth not­ing that Ap­ple talks about the sub­ject a lot, in­clud­ing at its high-pro­file events. Ap­ple wears high stan­dards when it comes to pri­vacy like a badge of honour, be­cause it wants you to trust the com­pany and sell you more hard­ware and ser­vices. You’re not the prod­uct in the re­la­tion­ship – which isn’t the case to the same ex­tent with some of Ap­ple’s com­pe­ti­tion.

To read more about Ap­ple’s stance on iCloud se­cu­rity and pri­vacy, read its tech note at ap­ple.co/2ezyxUN. The com­pany also of­fers a spe­cific note re­gard­ing se­cu­rity and iCloud at ap­ple.co/2ezyxUN.

Your Ap­ple ID should have a strong pass­word as its first line of de­fence.

You can add a sec­ond se­cu­rity step to boost protection of your Ap­ple ID.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.