Apple expands iCloud encryption, boosts MFA with security keys – Cybersecurity Dive




Apple’s latest efforts in data privacy and user protection could mitigate some of the security challenges organizations confront by allowing employees to access company information via personal devices.
The common, almost universal practice known as bring your own device (BYOD), presents organizations with unique challenges and threats.
The National Cybersecurity Center of Excellence, under the National Institute of Standards and Technology, is drafting guidance for specific industries and business types to help organizations maintain a defensive posture.
Apple said it’s committed to strengthening device and cloud security by adding protections over time.
The company said it designed Security Keys for high-profile users, such as celebrities, journalists and government officials. The feature can prevent “an advanced attacker from obtaining a user’s second factor in a phishing scam,” Apple said in a statement. 
Hardware-based security keys provide one of the highest levels of security for multifactor authentication setups, according to Craig Lurey, CTO and co-founder at Keeper Security.
Advanced Data Protection for iCloud adds another layer of security by ensuring that Apple users can only decrypt iCloud data with trusted devices.
“Apple has introduced these important security features to keep pace with the threat landscape and threats to privacy,” Melissa Bischoping, director of endpoint security research at Tanium, said via email.
“By leveraging these features, you can know that your data is encrypted. Even if the company holding the data is breached, you have additional assurance that you will not be a secondary victim,” Bischoping said.
Security Keys will be available globally in early 2023. Advanced Data Protection for iCloud will be available to all customers in the U.S. by the end of the year and globally in 2023.
Get the free daily newsletter read by industry experts
Security executives from Zoom, NS1 and Oomnitza shared their security priorities for the rest of 2022, with a special emphasis on mastering the basics. 
Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Get started
Security executives from Zoom, NS1 and Oomnitza shared their security priorities for the rest of 2022, with a special emphasis on mastering the basics. 
Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.
The free newsletter covering the top industry headlines

source


CyberTelugu

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top

Adblock Detected

Please consider supporting us by disabling your ad blocker

Refresh Page