iCloud secures your information by encrypting it when it's in transit, storing it in iCloud in an encrypted format, and using secure tokens for authentication. For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information.
In some cases, your iCloud data may be stored using third-party partners’ servers—such as Amazon Web Services or Google Cloud Platform—but these partners don’t have the keys to decrypt your data stored on their servers.
- Boxcryptor works as an additional security layer for your cloud storage. We handle the encryption, while the cloud storage’s software syncs your files to the cloud. Therefore, Boxcryptor requires the sync client of your cloud provider to be installed on your system.
- The iCloud Bypass process is a legal process that becomes the only way to unlock the iDevice when the iDevice is subjected to the iCloud locked issue. Right now, millions of users become the victims of this issue, but most iOS users haven't any idea about the iCloud Bypass process.
- Our Solution: Encrypt Your iCloud Backup with Boxcryptor And this is exactly what we recommend for iPhone backups. Create the backup locally and then store it encrypted in the cloud of your choice. We have run through the process using an iPhone, a Mac (Catalina), Boxcryptor and the Dropbox as examples.
Boxcryptor Icloud Einrichten
End-to-end encryption requires that you have two-factor authentication turned on for your Apple ID. Keeping your software up-to-date and using two-factor authentication are the most important things that you can do to maintain the security of your devices and data.
Here's more detail on how iCloud protects your data.
Boxcryptor Icloud Photos
Boxcryptor is a security application mainly designed to encrypt files and folders from your cloud storage locations, such as Google Drive, Dropbox or OneDrive. However, it can also encrypt files.
|In transit||On server|
|Backup||Yes||Yes||A minimum of 128-bit AES encryption|
|Safari History & Bookmarks||Yes||Yes|
|Find My (Devices & People)||Yes||Yes|
|Messages in iCloud||Yes||Yes|
|iCloud.com||Yes||—||All sessions at iCloud.com are encrypted with TLS 1.2. Any data accessed via iCloud.com is encrypted on server as indicated in this table.|
|Yes||No||All traffic between your devices and iCloud Mail is encrypted with TLS 1.2. Consistent with standard industry practice, iCloud does not encrypt data stored on IMAP mail servers. All Apple email clients support optional S/MIME encryption.|
End-to-end encrypted data
End-to-end encryption provides the highest level of data security. Your data is protected with a key derived from information unique to your device, combined with your device passcode, which only you know. No one else can access or read this data.
These features and their data are transmitted and stored in iCloud using end-to-end encryption:
- Apple Card transactions (requires iOS 12.4 or later)
- Home data
- Health data (requires iOS 12 or later)
- iCloud Keychain (includes all of your saved accounts and passwords)
- Maps Favorites, Collections and search history (requires iOS 13 or later)
- Memoji (requires iOS 12.1 or later)
- Payment information
- QuickType Keyboard learned vocabulary (requires iOS 11 or later)
- Safari History and iCloud Tabs (requires iOS 13 or later)
- Screen Time
- Siri information
- Wi-Fi passwords
- W1 and H1 Bluetooth keys (requires iOS 13 or later)
To access your data on a new device, you might have to enter the passcode for an existing or former device.
Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.
With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in with your Apple ID on a new device the first time, you need to provide two pieces of information—your password and the six-digit verification code that's auto-displayed on your trusted devices.
Use of secure tokens for authentication
Boxcryptor Icloud Backup
When you access iCloud services with Apple’s built-in apps (for example, Mail, Contacts, and Calendar apps on iOS or macOS), authentication is handled using a secure token. Secure tokens eliminate the need to store your iCloud password on devices and computers.
End-to-end encryption for Health data requires iOS 12 or later and two-factor authentication. Otherwise, your data is still encrypted in storage and transmission but is not encrypted end-to-end. After you turn on two-factor authentication and update iOS, your Health data is migrated to end-to-end encryption.
If you back up your device on your Mac or iTunes, Health data is stored only if the backup is encrypted.
Learn more about advanced security features in the iOS Security Guide.
This is the last of three posts about things we can do to keep our data and private information as safe as is possible in todays online environment. Boxcryptor encrypts files that you store in the cloud. Whisp.ly encrypts your emails in transit. Boxcryptor not only encrypts your files so that they are illegible but protects encrypted files from Meltdown and Spectre! Boxcryptor is free for non commercial use which allows you to install Boxcryptor on 2 devices, upload to one cloud provider and has Whisp.ly integration. There are two upgrades you can buy up to, Personal and Business. Compared to the cost of having your data or personal information stolen both are extremely cost effective. In addition to all of the benefits of the free service Personal and Business allow you to connect to unlimited cloud providers, Boxcryptor supports 20, on an unlimited number of devices. Business has group membership and management options as well as a higher priority for support. Support is via email for Personal and via Community for the free version. However my experience has been that Boxcryptor is so easy to install and configure that support has not been an issue. When you download Boxcryptor you will need to set up a password and ID (email). Warning if you forget your password and ID you are SOL! Boxcryptor does not retain password or ID’s and will not send you a change ID or password link. You will be locked out and your data will be an illegible chicken scratch in your storage provider. I use Boxcryptor on my Mac’s and Windows machines, iOS and Android mobile devices
Many people use a password keeper for their passwords. The potential issue with that is if the password keeper is hacked, Microsoft, Adobe, Citibank and Apple iCloud have been hacked, your passwords are compromised. Never think “why would anyone bother with me” criminals are just randomly searching for vulnerable accounts to get into. I keep all 200 of my passwords on a password protected excel spreadsheet that I upload to my cloud provider via Boxcryptor. Even if I get hacked my passwords are encrypted and the hacker cannot open them. If you want technical information regarding Boxcryptor click here. I am not technical I just know that it works for me. Cyber criminals have become so sophisticated that you no longer need to click a link to let them in. Just opening an email or text from someone you don’t know will open the door to your data.
File names can be encrypted so that criminals cannot even tell what type of file you have encrypted. Encrypted files can only be opened in a legible format through the Boxcryptor app. Encrypted file names appear legible in the Boxcryptor app. Here is an example of what is seen in the cloud provider when file names are encrypted.
When you try to open an encrypted file outside of Boxcryptor this is what you see
Boxcryptor Icloud Drive
Be safe its the wild west out there!