FEATURE iCloud superguide
30 | MACFORMAT | SEPTEMBER 2019 macformat.com @macformatSecurity and privacy
Calculate how much space you and your family will need, and how much it’ll cost you
A
pple explains, at bit.ly/
mficsecov, the levels of
security that apply to
iCloud data. It makes a
distinction between ‘encryption’ and
‘end-to-end encryption’. The latter
means your information can be accessed
‘only on devices where you’re signed into
iCloud. No one else, not even Apple’ can
read it. Even if a court ordered Apple to
decrypt your data, it couldn’t.
The list of information stored using
end-to-end encryption is short: Messages,
your iCloud Keychain (which syncs all
your saved passwords and logins),
payment details, Home and Health data,
Siri records and a few more bits and bobs.
Still, everything else – including your
photos, backups, and everything in iCloud
Drive (Files) – is encrypted in transit and
on the server, so it should be safe if
someone hacked Apple’s servers or
intercepted traffic between you and
Apple. Apple just doesn’t promise it has
no way to decrypt this data itself.
This should probably satisfy anyone
not anticipating the authorities goingafter their data through the legal system.
Apple discusses, at bit.ly/mfapsecpriv,
how often this actually happens – a few
hundred times a year in the UK – and
how it’s handled.
The exception to all of this is Mail:
your email traffic is encrypted in transit,
but not on Apple’s IMAP servers. Email
is insecure by nature. You could alwaysencrypt files yourself by some other
means before emailing them (or indeed
storing them in iCloud).Two-factor authentication
Two-factor authentication improves
security for your Apple ID compared to
the previous ‘two-step verification’. It
means you’ll need to receive a code as
well as entering your password when
logging in on a new device. The code
normally comes via an existing trusted
device, but you’re also asked for one or
more phone numbers that can receive
codes. Any phone will do, even a landline.
To maintain security, use hard-to-guess
passcodes on all your devices and
macOS user accounts.
Two-factor authentication really isn’t
any hassle, because it only kicks in when
you buy a new device, erase one or switch
it between Apple IDs. It can only go wrong
if you forget your Apple ID password and
lose access to all your trusted devices and
phone numbers at once, and there’s an
account recovery process for that,
although it can take a few days.3
Remove unnecessary devices
Log in and go to Settings. You’ll see all
the Macs and devices associated with your
Apple ID. If there are any that you don’t
currently use, click one and, after reading
the advice link at the right, click the cross
by its name.2
Check authorised devices
Anyone who gets hold of any of your
devices is a big step closer to breaching
your iCloud security. Use strong
passwords (this still matters if you use
Touch ID or Face ID!). Which devices are
on your account? Check at iCloud.com.1
Turn on 2FA
You can enrol in two-factor
authentication on your Mac or in iOS. in
macOS X 10.11 or later, go to System
Preferences > iCloud > Account Details and
click Security. In iOS, open Settings and
tap your name, then Password & Security.Back to
My Mac?
iCloud’s Back to My Mac remote
access tool was removed in macOS
10.14 Mojave. The alternative, Apple
Remote Desktop, costs £74.99.
Instead, try Google Chrome
Remote Desktop, installed as
an extension to the
Chrome browser.HOW TO Ensure iCloud is secure
