Apple has announced three new security features for enhanced protection of its users’ data: iMessage contact password verification, Apple ID physical security keys, and iCloud advanced data protection. The company claims to use strong security technologies and strict data protection policies, unaware that a user’s data has ever been stolen through a breach of iCloud servers, but sees constant attempts to gain access to their servers, as is the case with all large companies.
Apple commissioned a research paper from Dr. Stuart Madnick of the Massachusetts Institute of Technology (MIT), The Growing Threat to Consumer Data in the Cloud, which he published last year. The document states that the number of data breaches more than tripled between 2013 and 2021. As user data becomes more concentrated in the cloud, it has become an increasingly valuable target, because Cyber criminals pursue to steal data in bulk to commit blackmail, extortion and fraud. There are also highly targeted attacks to steal the cloud data of a minority, such as journalists, activists, and government employees, without directly attacking their devices.
Interface for using security keys in Apple ID
Apple
Personal information is more at risk in the cloud than on the device. A worrying fact is that the majority of large companies in the United States, over 60%, including some that have excellent security practices, have seen their data compromised. So now it considers that to fully protect users’ personal data, its more advanced protections must also extend beyond the device, to the cloud, so that only the user controls access to their data.
One of those reinforcements are physical security keys. Those people who need to add an extra layer of security to their identification at login, will be able to mark the need for this hardware, which can be connected to an iPhone as well as to a Mac computer.
Contact Verification Code
Apple
The second measure is a reinforced verification for iMessage. With this feature, which will be available worldwide later this year, users can compare a contact verification code before allowing communication. Apple assures that it has never seen an attack against iMessage like the one that this measure tries to prevent, but considers that the increase in security breaches in the cloud advises to implement it for greater peace of mind.
Advanced protection in iCloud
Apple
The latest is the use of end-to-end encryption in iCloud, which started in its day with passwords and credit card information and later expanded to others like health data. The new full encryption option increases the number of protected data categories from 14 to 23, covering the majority of users’ total iCloud data.
