Encrypt your iCloud data now (so only you can get to it)

Jerry Galvin
Feb 7, 2023

For the longest time, I fought putting anything important in any cloud service, with the notable exception of my email. The reason? Most clouds do not encrypt your data such that only you can read it. In many cloud services, everything is stored as a plain file or plain text. In other cloud services, while your information may be technically encrypted while stored in the cloud, there are a few select employees that can still read all of it.

A new setting in Apple’s iCloud, called Advanced Data Protection, has convinced me that maybe the cloud isn’t so bad, after all.

You aren’t the only one who can access your data, even if it is encrypted

At most cloud providers aimed at home users, you are generally protected against someone externally accessing your account and copying your data. The cloud providers (think Gmail, Yahoo Mail, Microsoft’s Outlook.com and Hotmail.com, Facebook, TikTok, etc.) have protections against people impersonating you. They’ll work to prevent logins from odd locations, stop rampant password guessing, and more, in the name of protecting your account.

These protections are notably limited, though. If an attacker is able to guess your password or somehow authenticate as you, they will still be able to get into your account, if the data sits unencrypted on the server.

Worse, if the data is unencrypted, malicious employees could administratively reset your account or view your account, using permissions they are granted for business purposes, such as resetting user passwords that have been lost. If those people are not carefully supervised, abuses can happen. In 2022, Facebook fired dozens of employees for improperly accessing accounts — some in return for cash payments.

Even if the company encrypts the data on disk, they generally keep the key to unlock your data somewhere, so it would still be technically possible to recover it.

With the default iCloud encryption settings, an Apple employee can technically access much of your data, even if it is encrypted in the iCloud, because Apple maintains a copy of the decryption key. This means that an employee with proper permissions to the iCloud can recover your encrypted data. It’s unlikely, but possible.

So a good thing to keep in mind: if you are syncing your data to the iCloud with default iCloud encryption, you’re not technically the only one who can see your data in the cloud.

iCloud is encrypted now, but you can make the encryption end-to-end, so only you can access the data

With the release of iOS 16.2, Apple allows you to turn on a feature called Advanced Data Protection. This feature stores the encryption keys that allow the decryption of your personal iCloud data on your devices themselves, and only on your devices: iPhones, iPads, Macs, and Apple Watches. This obviously means that anyone with full access to your devices can access your data, but nobody can log in to your account on a previously unknown computer and gain access without explicit authorization from one of your current devices.

Thanks to a helpful explainer from Apple, we now know that, once you turn on iCloud Advanced Data Protection, the only things that aren’t fully encrypted are your iCloud email messages, iCloud calendars, and your iCloud contacts. Everything else — iCloud photos, iMessages, Notes, Reminders, Safari browsing history, voice memos, and Siri queries — suddenly becomes inaccessible to anyone but you.

You can still recover, if you lose all of your iDevices (but only if you want)

In order to ensure that your account is recoverable if you ever lose access to the Apple devices that store your encryption key, you can choose one or more backup methods. The first method is to print a 28-character password that will allow you to restore your iCloud data.

The second possible method is to designate one or more trusted iCloud contacts to hold your backup encryption key. A recovery contact can provide you access to the encryption key, but Apple says that contact will never be able to see your data. Apple says it does not even know who the contacts are, so you need to remember them yourself.

Just remember: if you lose your 28-character password or your iCloud contacts refuse to give you the encryption key back, all of your data in the iCloud is gone and non-recoverable.

But then again, if you’re like me, you’d much prefer the loss of all of your iCloud data rather than an unknown third party accessing it.

Who is this for

iCloud Advanced Data Protection is for those of us who never really trusted the cloud in the first place, and is especially for those with potentially high profiles like journalists, celebrities, and politicians.

One more thing

Finally, don’t forget that your encryption key is only as safe as your least secure Apple device. If you turn this on, but set the password on your laptop or iPhone to ‘1234’ or ‘password’, you have made it much easier for someone to get the encryption key. After all, the end-to-end encryption key that unlocks the iCloud data protected by Advanced Data Protection is on your device, so don’t leave your device unsecured.

If you’d like to turn on this feature and ensure that only you can access your iCloud data, Apple has good instructions on how to enable Advanced Data Protection.

Jerry Galvin has over 17 years of experience in engineering, vulnerability management, and cybersecurity operations. He currently works as a Business Information Security Officer.
