Apple, whose iconic iPhones are now used by roughly 50% of Americans and just over one billion more people worldwide, is expanding data security measures for iCloud.
The tech giant has now added what it claims are advanced new security and data privacy features for keeping users of its cloud service protected. Among these are enhanced protections for data such as backed-up photos, Notes and other categories of information.
Instead of continuing to only offer users on-device encryption for different data categories, Apple is giving iCloud customers access to end-to-end (E2E) encryption for nearly everything.
According to Apple, its previous protections with iCloud delivered E2E encryption for 14 sensitive data categories that included passwords in the iCloud Keychain, health data and so forth.
Now, with its new Advanced Data Protection protocol, the range of these categories jumps to 23, which include iCloud Photos, Notes and others.
There are however still exceptions. These include Mail, Contacts and Calendar data since these have to actively be readable because of “the need to interoperate with the global email, contacts, and calendar systems.”
This new Advanced Data Protection Standard is now Apple’s highest level of cloud security for users of its devices. Customers have the option of activating it as they choose.
In addition to the above, Apple is giving its iMessage service better security by enabling Contact Key Verification, which is aimed at users who face what the company calls “extraordinary digital threats”.
These kinds of users might include journalists, photojournalists, dissidents, human rights activists and NGO staff in the field. With Contact Key Verification, users can add an extra layer of verification to messages so that they can only be read by their intended recipients.
In Apple’s own words,
“Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications,”
Apple then adds, “And for even higher security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call.”
As a final step, Apple has also added Security Keys, which gives user the option to introduce third-party hardware keys for message access.
Basically with these, a user’s two-factor authorization mechanism with iCloud can now include a hardware security token as one of the two factors. According to Apple, “This takes our two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam,”
The above Advanced Data Protection features for iCloud are already available for users in the United States who are enrolled in the Apple Beta Software Program. They’ll then be made available to the general public by the end of the year. Security Keys and Contact Key Verification for iMessage will be available by 2023.
If you’re a photographer working in the field for sensitive projects, or if you just want to keep your iCloud-stored photos extra safe from intrusion and exfiltration, these features can be a handy option in many contexts.
For general photo protection on non-apple devices, we’d strongly recommend always having a backup solution covering all of your photographic work.
This should include both encryption and dual backup. This basically means having a second local copy of all photos on an external drive that you can access immediately, along with cloud backup and sync that keeps your work safe on remote servers.
Most remote backup providers offer encryption by default and there are easy-to-use software options such as Cryptomator and others for encrypting your drive-stored files.
It’s definitely not fun to see crucial personal and project photos lost, accidentally destroyed or stolen. Fortunately, it’s not hard to avoid these disasters.