Not too long ago the term “The Cloud” was a mysterious description for all data we do not store on our own devices.
Few people understood what the Cloud was 3 years ago. Things have changed now, but the average consumer still struggles to understand the intricacies of storing and sharing private content with Cloud based applications.
Today, over 782 million Apple users are comfortable with logging into iCloud. They are also using other cloud-based apps that gather private user data, with or without informed consent.
As iCloud adoption increases, cybersecurity and privacy risks become more and more complex, and users should be informed. This is what this article is about - helping you take the right action towards protecting your privacy.
Last week Apple rolled out an exceptional iOS 10.3 update , which included an interesting change in the way privacy is treated. Apple will use differential privacy on iCloud user data, meaning users have to turn on or off data sharing for analytical purposes.
The same iOS 10.3 also includes numerous notifications promoting 2FA adoption. Analysts from Technavio forecasted that global 2FA adoption will grow at a CAGR of 23.57% during the period 2017-2021.
Hence, the security of your iCloud account at the moment does require your full attention. We aim to make it easy for you, and have compiled a quick to-do list of actions you can choose to take to increase the security of your iCloud account.
Tips for protecting your iCloud account privacy
1. Make an iPhone backup now
Regular backups are so important, there’s even a dedicated World Backup Day for it. Despite better awareness and habits around the average smartphone users population, users might still lose data because the backup process is not done properly.How:
1. Connect your iPhone to your computer now, and review your current settings:
2. Are your devices set to back up automatically to iCloud or are they backed up locally, via iTunes? Are you happy with this option?
3. Did you select all relevant media folders to be backed up? Perhaps you might want to also back up your latest favorite photo editing App, or your newly installed gif maker, dating app, or contact list.
4. If you are happy with the settings, make sure you have enough Cloud storage available to fully back up your device. Either add an extra 50GB for $0.99, or make a local backup and copy that backup to your preferred cloud storage service (Dropbox, Box)
5. Double check the backup doesn’t have any errors
6. Add a reminder to your calendar to go through the same process next month.
2. Turn on two-factor authentication on iCloud
Two-factor authentication is a account owner verification process that is triggered whenever unusual activity is detected, in association with your iCloud account, login activity, and purchases. Apple introduced 2FA in 2016, and Reincubate has been providing support for this feature ever since.
Even if you have a solid password, and are always careful with your devices, you may sometimes forget to log out from one device you used at work or 2 months ago when you used your buddy’s phone because yours was out of battery.
Social engineering (talking someone out of their credentials), password guessing, and non-iCloud hacking can also lead to various forms of privacy invasion.
Brute force attacks are at the very dark end of iCloud hacking attempts, and sadly, it could happen to anyone.
If you want something more than just your password to protect your Apple ID for iCloud and iTunes, then two-factor authentication is your best option.How:
On your iPhone, iPad, or iPod touch with iOS 9 or later:
Go to Settings > iCloud > tap your Apple ID.
Tap Password & Security.
Tap Turn on Two-Factor Authentication.
On your Mac with OS X El Capitan or later:
Go to Apple menu > System Preferences > iCloud > Account Details > Click Security.
Click Turn on Two-Factor Authentication. Details
Note:Be aware that when you change your Apple ID to two-factor authentication, it's a one-way journey. You can only change your password afterwards by using the two-factor method.
Without a second code (randomly generated in real-time), anyone who wants to access the account won't manage to get in -- even if they have your username and password. So, the bad guys will get locked out and you'll get a pop-up or a text message alerting you if and when they're trying to get in.
This is what you would see on an Apple device with 2FA engaged when a login from a new location is attempted. Screenshot by John P. Falcone/CNET.
3. Change your password frequently and create strong ones
If it's not too annoying for you to change your password every 6 months, go ahead and take 5 minutes now to update one today, before World Backup Day finds you unprepared.
To change your password you simply need to log into Apple’s Apple ID management web portal here: appleid.apple.com. Once there, log in with your iCloud username and password and then under the Security header, click Change Password.
If you want to see examples on what passwords you should avoid here is an article on the most common used passwords. We also suggest changing the security questions answers.
Apple will always prompt users to use security questions and answers to help users, and it is important that you change these often. A hacker may only need to access your emails or synced accounts to identify the name of your partner or your pet. Safeguard your iCloud account by refreshing the questions every month or so and using incorrect answers where possible.
Combine capital letters and numbers to form a completely secure password. Security company McAfee suggests avoiding password terms that include personal information, like your birthday, pet's name or a favourite colour, because they're easy for hackers to guess. Don’t choose any favourite band, your birth place or any other relatable guess as your iCloud password.
Consider using phrases to protect the integrity of your account, which are easy for you to remember as an individual but extremely difficult for existing software to translate.
Ideal passwords are at least 14 characters long. Replace certain letters with numbers or symbols (beardak0tast@arhip, for example).
If you are not sure how strong is your password there are free online tools that can check the strength.Examples: password.kaspersky.com/ & passwordmeter.com
Bonus tip: Try a password managerChoose a password manager that creates strong and unique passwords for you.
4. Check once more all devices you used to sign in to iCloudTo see this go to iCloud.com - Settings and you will see “My Devices” in the page showing all devices you are signed in.
5. Sign out all browsers
If you have logged in iCloud on the web on a computer that is not yours (like a work computer, a friend’s computer, or one in an internet cafe) and forget to logout, it’s recommended that you do it using this option.
How: Go to iCloud.com and log in with your username and pass. Select the Settings icon. At the very bottom of the screen you’ll see a blue link that says Sign Out Of All Browsers. Click it and you’ll be signed out of all browsers on any device anywhere in the world where you are signed into your iCloud account.
6. Use Only Secure Wireless Networks to Transfer DataAs a security measure, Apple encrypts all files that are sent to iCloud and stores them in this format. This security wall can be penetrated by sophisticated hackers. Take charge and always make sure you transfer iCloud data between devices over a secure wi-fi connection (for example, the ones you connect to using an alpha-numerical password). Avoid Public networks such as wireless hotspots or those accessible through coffee shops (they are vulnerable to security breaches).
7. Enable “Erase Data” to delete data after 10 failed passcode attempts.If your device ever gets in the hands of a stranger it's best to avoid them from viewing your iPhone data and this solution should help.
How: Settings > Touch ID & Passcode > Erase Data
8. Turn on “Limit ad tracking”.Ad tracking is used by advertising networks to trigger ads at you in apps. If you limit this it restricts tracking of ads across apps.
How: Settings > Privacy > Advertising
9. Turn off access to sensitive data for apps that don’t need it.To keep you data private you could also restrict access to the apps that don’t need it, for example access to your contacts, calendar, photos, etc.
How: Settings > Privacy > Contacts, etc.
10. Backup your data on your Mac or PC.Doing this will help on having the phone data safe in your PC or Mac even if your iCloud data gets hacked or deleted by accident.
A. How to backup with iTunes:
1: Connect you iOS device to PC/Mac.
2: Turn on iTunes and go to top-left corner and, under the Play controls, you will find the mobile icon. Click/tap it.
3: Click on the Summary and in the left column, select "This computer".
B. How to back up with iCloud
1. Connect your device to a Wi-Fi network.2. Go to Settings > [your name], and tap iCloud. If you’re using iOS 10.2 or earlier, go to Settings, then scroll down and tap iCloud.
3. Click iCloud Backup. If you're using iOS 10.2 or earlier, tap Backup. Make sure that iCloud Backup is turned on.
4. Tap Back Up Now. Stay connected to your Wi-Fi network until the process completes.
5. Make sure that the backup finished: Go to Settings > [your name] > iCloud > iCloud Storage > Manage Storage, then select your device.
If you’re using iOS 10.2 or earlier, go to Settings > iCloud > Storage > Manage Storage, then select your device. The backup should appear in the details with the time and backup size.
By changing your iPhone default settings, you can increase the security of your device. To protect your data, activate 2FA on your iCloud account and make sure that iCloud Backup is turned on.
As a company, data privacy and security are in our DNA. The iPhone Backup Extractor is built to ensure compatibility with all extra security measures made available to Apple users, ensuring that our product is used by legitimate iTunes and iCloud users who pass all authentication stages associated with accessing a backup either locally or in the cloud.
Do you know any other methods to protect your iCloud account? Use the comment field below and share your ideas.