The “Key” to Playing it Safe

Apple this week rolled out a new version of its operating system running mobile devices such as iPads and iPhones. It also announced it will no longer be able to comply with requests of law enforcement to unlock the encryption governing those phones. Moving forward, accessing encrypted data on an Apple smartphone or tablet will only be possible by the owner of that device.

To many, Apple’s news is confusing. We’ve been led to believe that encryption is easily broken. We see it every day on television, on shows such as “24” and movies such as “Ocean’s 11” – the protagonist can effortlessly decrypt a device just by the mere flip of a switch.

But this is untrue. When properly managed, encryption is almost impossible to break. By not storing its own copy of the encryption key, Apple is unable to decrypt the phone. Period, end of story.

By the same token, and probably most important to note is that according to the Washington Post, the data on the phone is ONLY safe if the user has turned on encryption and has protected the phone with a very strong password. Recently, celebrity photos from iCloud accounts were accessed and distributed online. Even if the data is encrypted when it sits in the cloud, hackers just need a user’s password to decrypt it. Reports indicate this is what happened – in the case of the celebrity leaked photos, hackers tried numerous passwords against a given account in rapid succession, and voila – a PR nightmare.

So what’s the lesson learned here?

Never underestimate the importance of key management – not only should companies be encrypting their data in the cloud (and everywhere else for that matter) but they should also be managing access to the encryption keys. Protecting the keys will ultimately result in protecting the data.


Previous Post
Sleep and PBA
Next Post
Only 59 Percent Encrypting in Healthcare IT

Related Posts

RSA 2017: Protecting Data Everywhere

The RSA Conference began in 1991 as a forum for cryptographers to gather and share the latest industry knowledge. In 1997 – just 6 years later – WinMagic launched into the data security market – offering software full disk encryption.…

Yahoo! Security!

It’s always fun to come up with headlines around a brand that has an exclamation point as part of their name, but I digress. What this is really about is Yahoo!’s recent announcement that they’re going to start to encrypt…
Read more

5 Myths About Data Encryption and Decryption

What do you know about data encryption and decryption? Whatever it is, it might not be fully right. There are myths circulating about this topic, myths which can actually hurt your business. We’ve identified five of them, and explain why they’re…

Flexibility in IT

We often talk about flexibility in IT in instances of user-friendly experiences like knowing your Microsoft Word doc will open in Apple’s Pages, or the ability to accept or decline a meeting request from your iPhone with an Outlook account.…

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Contact Us

This will close in 15 seconds