According to Business Insider, if your iCloud account has been hacked, a full backup of your account can be downloaded. This gives the hacker complete access to all your personal information. Here is a scarier thought, not only will the hacker have access to all your personal data, but they will have the ability to stalk you in real time by using the Find My iPhone feature.
Apple this week rolled out a new version of its operating system running mobile devices such as iPads and iPhones. It also announced it will no longer be able to comply with requests of law enforcement to unlock the encryption governing those phones. Moving forward, accessing encrypted data on an Apple smartphone or tablet will only be possible by the owner of that device.
Last month I wrote about the necessity of performing Pre-Boot Authentication (PBA) in order to get the full benefit of confidentiality that Full Disk Encryption (FDE) can provide. However, there are some environments where corporate security policy might allow for a less secure configuration as tradeoff for better usability. For example, I have conceded in the past that if a user is within the physical confines of his company, say travelling from one floor to another for a meeting, that sleep / standby (S3) might be an acceptable risk.
Next week we head to Boston, MA for the Campus Technology 2014 event. With a number of key customers that are in the education space, we have a solid grasp of the needs and complexity of dealing with data encryption in education.