Skip to main content
close search
site logo
Dive Brief

Apple expands iCloud encryption, boosts MFA with security keys

Published Dec. 8, 2022
Matt Kapko's headshot
Senior Reporter
The Apple logo is displayed on the exterior of an Apple Store.
Justin Sullivan / Staff via Getty Images

Dive Brief:

  • Apple on Wednesday introduced security features designed to enhance identity verification using physical security keys and bring end-to-end encryption to many of its services.
  • The company’s two-factor authentication system, first introduced in 2015, is getting an upgrade via a feature called Security Keys. The service allows users to add another layer of identity verification with third-party hardware security keys.
  • Advanced Data Protection for iCloud, another security feature introduced by Apple, extends end-to-end encryption to 23 services in iCloud. Apple asserts that users who opt in to the feature will keep most of their iCloud data protected even in the event of a data breach in the cloud.

Dive Insight:

Apple’s latest efforts in data privacy and user protection could mitigate some of the security challenges organizations confront by allowing employees to access company information via personal devices.

The common, almost universal practice known as bring your own device (BYOD), presents organizations with unique challenges and threats.

The National Cybersecurity Center of Excellence, under the National Institute of Standards and Technology, is drafting guidance for specific industries and business types to help organizations maintain a defensive posture.

Apple said it’s committed to strengthening device and cloud security by adding protections over time.

The company said it designed Security Keys for high-profile users, such as celebrities, journalists and government officials. The feature can prevent “an advanced attacker from obtaining a user’s second factor in a phishing scam,” Apple said in a statement. 

Hardware-based security keys provide one of the highest levels of security for multifactor authentication setups, according to Craig Lurey, CTO and co-founder at Keeper Security.

Advanced Data Protection for iCloud adds another layer of security by ensuring that Apple users can only decrypt iCloud data with trusted devices.

“Apple has introduced these important security features to keep pace with the threat landscape and threats to privacy,” Melissa Bischoping, director of endpoint security research at Tanium, said via email.

“By leveraging these features, you can know that your data is encrypted. Even if the company holding the data is breached, you have additional assurance that you will not be a secondary victim,” Bischoping said.

Security Keys will be available globally in early 2023. Advanced Data Protection for iCloud will be available to all customers in the U.S. by the end of the year and globally in 2023.

Filed Under: Strategy

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell