WWDC: Why iCloud+ will help secure the enterprise
One of the biggest surprises of WWDC 2021 was Apple's introduction of iCloud+, an upgraded version of its existing service available at no additional charge that provides secure emailing and VPN-style security for users.
iCloud just became a useful business tool
The introduction of these features will transform iCloud into a very useful remote business tool, though it will be interesting to see whether all these features will be available to enterprise folks making use of Managed Apple IDs for their business tools. For the present let's assume they will, given the deep value they promise to those in that sector.
These new tools mean \ iCloud-using employees:
A game of cat and mouse
Apple will continue to invest in these protections. Apple's Crag Federighi, vice president of software engineering, confirmed that Apple sees cybersecurity as an ongoing challenge, telling Fast Company:
In a sense, Apple's decision to secure its platforms reflects the reality that it is becoming a more viable target as its place in the enterprise grows.
Star of the show: iCloud Private Relay
Private Relay is a built-in internet privacy service that exists inside iCloud. It is designed so that you can connect to and browse the web using Safari in a highly secure way, protecting both the site requests you make and the places you visit from being identified.
This encrypts traffic (such as web destinations) leaving your device, making the requests unreadable, even by Apple or the network provider.
It works like this:
The system raises the bar for personal security by hiding who is browsing and where the data is coming from; it effectively means you now have a free VPN in Safari.
In a WWDC presentation, Apple explained that Private Relay will also include DNS queries and some traffic from apps.
What will work with iCloud Private Relay?
Apple says iCloud Private Relay will work with:
What won't work with iCloud Private Relay?
Apple also said iCloud Private Relay will not work with:
Federighi says that classic VPN protection means you must put trust in your provider.
In other words, Apple's system may be better than a VPN, as while VPN providers know who you are and what you see, Apple doesn't have that information. Such protection seems a necessary step, given the number of unsavory and untrustworthy VPN services that seem to exist.
At its simplest, it makes targeting an Apple user much harder, which also makes doing so far more costly. This should reduce the overall risk environment, though one should never take security for granted.
You'll use Hide My Email
Loosely built around Sign in with Apple, Hide My Email lets you share unique, random email addresses that forward messages to your personal inbox, rather than sharing your actual email address. This tool, which is built-in to Safari, iCloud Settings and Mail, is far better than the ad hoc alias system we've used until now that's controlled in iCloud online. It also lets users create and delete as many addresses as required.
Put simply, it means you and your Apple-device-wielding employees now have an unlimited supply of burner email addresses you can use when security matters.
iCloud+ also lets you use a custom domain name. Apple is positioning this as a family-focused service. That means a family that owns a domain such as SmithFamily should be able to create a string of email addresses such as [email protected] that will work and be recognized by iCloud.
We don't have much detail on this yet, but it will be interesting to see whether this extends (or can subsequently be extended) to managed Apple IDs for use in business.
The Digital Legacy tool
Do you remember the old day when in the event a senior employee passed away it might have been impossible to get the strategy document they were working on off their device - even with help from their grieving family?
This shouldn't be a problem anymore with Digital Legacy. This lets users appoint relatives or friends as people permitted to access digital data such as photographs and other personal data left in a person's iCloud account after they pass away.
To set the feature up, a person must specify who can access the account in the event of their death. These Legacy Contacts will then be able to access that account, though they will have to go through a verification process of some kind, details of which are not currently clear.
We think there will be a lot more to learn concerning iCloud+. After all, the notion of a "plus" service means there will still be a basic service, and I can't help but wonder whether that might see the free 5GB service maintained but slightly enhanced.
There are also some useful changes in the recovery feature, which will now permit you to assign friends or family members who you can trust to receive security codes on your behalf if you lose your device.
The prices remain the same: 50GB storge with one HomeKit Secure Video camera (99 cents per month), 200GB with up to five HomeKit Secure Video cameras ($2.99 per month), and 2TB with an unlimited number of HomeKit Secure Video cameras ($9.99 per month).
The number of cameras used to max out at five, and the storage for those cameras no longer counts against your iCloud limit. Existing iCloud users (presumably those on paid tiers) will be upgraded to iCloud+ this fall when iOS 15, iPadOS 15 and macOS Monterey ship.
Please follow me on Twitter, or join me in the AppleHolic's bar & grill and Apple Discussions groups on MeWe.