Apple have made serious changes to their device-wide encryption in iOS 5. What does this mean for hackers, and what does it mean for users?
Although a lot of fuss has been made about the US-government-recommended AES encryption bundled with the device – widely regarded as ‘unbreakable encryption’ – the thing that really separates the iPhone is user behaviour. Users typically have PINs on the device, and it’s really easy to download apps that offer additional layers of protection.
Let’s take, for example, additional encryption services. DES, which is widely used in Mac OS X, is an additional encryption service that was developed during the 1970s at IBM. Despite its age, it offers extremely high-level security for files. There are apps that can encrypt files and folders on the iPhone via the DES standard. These apps can be found on other platforms, too – DES is not native to Apple.
But the thing that’s making the big difference is in how users are managing files. With the shift to cloud computing and cloud storage, increasing numbers of users are choosing to host their files ‘off-device’ via a third-party company. Businesses may be investing in enterprise-level cloud management packages as offered by larger companies, and individuals may see some benefit from tagging along. Most people can, using the tools supplied by their cloud storage provider, manage their cloud accounts quite effectively. Businesses, with their greater volume of data and personnel, will want to think about a more sophisticated solution.
So what is ‘effective personal cloud management’? First up, there’s the password. There are hosts of guides to creating a good password on the internet, but the rules are simple: use many characters, mix up capitals and lower-case type, and make it long. It’s best if it’s nothing memorable: common words are to be avoided, if possible. ‘Brute force’ attempts to crack passwords use ‘dictionary-based attacks’, where they cycle through word after word, seeing how the encryption mechanism reacts.
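The password rules above can be checked mechanically before a password is accepted. The following is an added example, not part of the original article; the wordlist, the substitution table and the 12-character minimum are constructed assumptions (the article only says "make it long").

```python
import re

# Constructed sample wordlist (assumption); a real check would load a large
# list of common words and previously leaked passwords.
COMMON_WORDS = {"password", "dragon", "monkey", "letmein", "iphone", "apple", "summer"}

# Character substitutions that dictionary-based guessing also covers, so
# "P@ssw0rd" is treated the same as "password".
SUBSTITUTIONS = str.maketrans(
    {"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"}
)

MIN_LENGTH = 12  # assumed threshold, not a figure from the article


def dictionary_hits(password):
    """Return the common words hidden in the password after normalisation."""
    normalised = password.lower().translate(SUBSTITUTIONS)
    # Drop digits and symbols so padding such as "2011" does not hide a word.
    letters_only = re.sub(r"[^a-z]", "", normalised)
    return sorted(word for word in COMMON_WORDS if word in letters_only)


def check_password(password):
    """Return a list of rule violations; an empty list means every rule passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    if not (has_upper and has_lower):
        problems.append("needs upper and lower case")
    hits = dictionary_hits(password)
    if hits:
        problems.append("contains common word: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # Constructed sample passwords.
    for candidate in ("dragon", "P@ssw0rd2011", "qRv7tLzX2mKdW9bH"):
        print(candidate, "->", check_password(candidate) or "ok")
```

Note that `P@ssw0rd2011` satisfies the length and mixed-case rules and is still rejected, because the substitutions and trailing digits do not remove the underlying dictionary word.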
But there’s more to good cloud management than this. First of all, be judicious about your sharing. Most cloud services offer a highly security-conscious way to give other users access to your files while closely regulating their permissions. Again, if you’re a business, this sort of thing is best handled by a dedicated cloud management team.
Smartphones are built with a host of features to make them as safe as possible, but there are key rules to follow to ensure that your data remains protected. The real trick to great encryption is ‘multiple layers’: different services, different passwords, layered on top of one another. Sure, it’s a pain when you’re accessing your files. But that’s exactly how you want a hacker to feel.