Apple Platform Security
Security has become such a buzword in the last few years that I wanted to put into perspective Apple’s commitment when it comes to security. Apple has always put profits second to security and privacy. Even the FBI was unable to force Apple to unlock an iPhone in the San Bernardino case. Here is Apple’s statement after the case was dropped: “From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought….”
Apple has built an ecosystem committed to helping protect customers with leading privacy and security technologies, every device combines hardware, software, and services designed to work together for maximum security and a transparent user experience in service of the ultimate goal of keeping personal information safe.
Apple’s architecture centers around six pillars of security. Each addreses an aspect of the entire ecosystem designed in protecting personal and corpoate information.
Secure software requires a foundation of security built into hardware. That’s why Apple devices—running iOS, iPadOS, macOS, watchOS, or tvOS—have security capabilities designed into silicon. These include custom CPU capabilities that power system security features and silicon dedicated to security functions. The most critical component is the Secure Enclave coprocessor, which appears on all modern iOS, iPadOS, watchOS, and tvOS devices, and all Mac computers with the Apple T2 Security Chip. The Secure Enclave provides the foundation for encrypting data at rest, secure boot in macOS, and biometrics. The Apple T2 Security Chip gives your Mac a higher-than-ever level of security. Your data is encrypted with keys tied specifically to your computer, and Secure Boot ensures that only legitimate macOS software loads at startup
All modern iPhone, iPad, and Mac computers with a T2 chip include a dedicated AES hardware engine to power line-speed encryption as files are written or read. This ensures that Data Protection and FileVault protect users’ files without exposing long-lived encryption keys to the CPU or operating system. For more information on which Apple hardware contains the Secure Enclave, see the Secure Enclave overview.
Secure boot of Apple devices ensures that the lowest levels of software aren’t tampered with and that only trusted operating system software from Apple loads at startup. In iOS and iPadOS devices, security begins in immutable code called the Boot ROM, which is laid down during chip fabrication and known as the hardware root of trust. On Mac computers with a T2 chip, trust for macOS secure boot begins with the T2 chip itself. (Both the T2 and Secure Enclave also execute their own secure boot processes.)
The Secure Enclave enables Touch ID and Face ID in Apple devices to provide secure authentication while keeping user biometric data private and secure. This enables users to enjoy the security of longer and more complex passcodes and passwords with, in many situations, the convenience of swift authentication.
The security features of Apple devices are made possible by the combination of silicon design, hardware, software, and services available only from Apple.
Building on the unique capabilities of Apple hardware, system security is designed to maximize the security of the operating systems on Apple devices without compromising usability. System security encompasses the boot-up process, software updates, and the ongoing operation of the OS.
Secure boot begins in hardware and builds a chain of trust through software, where each step ensures that the next is functioning properly before handing over control. This security model supports not only the default boot of Apple devices but also the various modes for recovery and updating on iOS, iPadOS, and macOS devices.
The most recent versions of iOS, iPadOS, or macOS are the most secure. The software update mechanism not only provides timely updates to Apple devices—it also is delivers only known good software from Apple. The update system can even prevent downgrade attacks, so devices can’t be rolled back to an older version of the operating system (which an attacker knows how to compromise) as a method of stealing user data.
Finally, Apple devices include boot and runtime protections so that they maintain their integrity during ongoing operation. These protections vary significantly between iOS, iPadOS, and macOS devices based on the very different sets of capabilities they support and the attacks they must therefore thwart.
The secure boot chain, system security, and app security capabilities all help to ensure that only trusted code and apps run on a device. Apple devices have additional encryption features to safeguard user data, even when other parts of the security infrastructure have been compromised (for example, if a device is lost or is running untrusted code). All of these features benefit both users and IT administrators, protecting personal and corporate information at all times and providing methods for instant and complete remote wipe in the case of device theft or loss.
iOS and iPadOS devices use a file encryption methodology called Data Protection, while the data on Mac computers is protected with a volume encryption technology called FileVault. Both models similarly root their key management hierarchies in the dedicated silicon of the Secure Enclave (on devices that include a SEP), and both models leverage a dedicated AES engine to support line-speed encryption and to ensure that long-lived encryption keys never need to be provided to the kernel OS or CPU (where they might be compromised).
Apps are among the most critical elements of a modern security architecture. While apps provide amazing productivity benefits for users, they also have the potential to negatively impact system security, stability, and user data if they’re not handled properly.
Because of this, Apple provides layers of protection to ensure that apps are free of known malware and haven’t been tampered with. Additional protections enforce that access from apps to user data is carefully mediated. These security controls provide a stable, secure platform for apps, enabling thousands of developers to deliver hundreds of thousands of apps for iOS, iPadOS, and macOS—all without impacting system integrity. And users can access these apps on their Apple devices without undue fear of viruses, malware, or unauthorized attacks.
On iPhone, iPad, and iPod touch, all apps are obtained from the App Store—and all apps are sandboxed—to provide the tightest controls.
On Mac, many apps are obtained from the App Store, but Mac users also download and use apps from the Internet. To safely support Internet downloading, macOS layers additional controls. First, by default on macOS 10.15 or later, all Mac apps need to be notarized by Apple to launch. This requirement ensures that these apps are free of known malware without requiring that the apps be provided through the App Store. In addition, macOS includes industry-standard anti-virus protection to block—and if necessary remove—malware.
As an additional control across platforms, sandboxing helps protect user data from unauthorized access by apps. And in macOS, data in critical areas is itself sandboxed—which ensures—that users remain in control of access to files in Desktop, Documents, Downloads, and other areas from all apps, whether the apps attempting access are themselves sandboxed or not.
Apple has built a robust set of services to help users get even more utility and productivity out of their devices. These services include Apple ID, iCloud, Sign in with Apple, Apple Pay, iMessage, FaceTime, and Find My.
These services provide powerful capabilities for cloud storage and sync, authentication, payment, messaging, communications, and more, all while protecting users’ privacy and the security of their data.
In addition to the built-in safeguards Apple uses to protect data stored on Apple devices, there are many measures organizations can take to keep information secure as it travels to and from a device. All of these safeguards and measures fall under network security.
Users must be able to access corporate networks from anywhere in the world, so it’s important to ensure that they are authorized and that their data is protected during transmission. To accomplish these security objectives, iOS, iPadOS, and macOS integrate proven technologies and the latest standards for both Wi-Fi and cellular data network connections. That’s why our operating systems use—and provide developer access to—standard networking protocols for authenticated, authorized, and encrypted communications.