Sunday
Jul222012

Are the contents of your iPhone / iPad encrypted?

We put so much information into, and do so much on, these amazing little phones & tablets now, from the obvious like email & contacts, files of almost any kind, passwords and banking, to private diaries, flirting and sexting, remote-access to other computers and corporate resources, and the logging of search & location history.

If you were to store all that information on paper and keep it with you everywhere you go, and accidentally leave it in the back of a taxi, or have it stolen from your bag at the airport, you’d be mortified!  And yet, you might be taking an even greater risk right now, as that iThing has intrinsic value all of its own, whereas a folder of papers doesn’t!

Do you have the 4-digit ‘Passcode’ (the 4-digit ‘PIN’ you enter when you wake up the phone) enabled on your iThing?  If not, that’s your cue to be mortified.  That 4-digit code isn’t just a lock on its digital front door, it the key that encrypts much of the sensitive information stored in your iThing, so even if a determined theif/hacker got their hands on it, and even jailbroke it to access the raw file system, your information would still be encrypted.

Even if you do have a passcode set, check this now: On your iPhone or iPad, tap on the ‘Settings’ app > General > Passcode Lock.  At the bottom of that screen, does yours display “Data protection is enabled”?  In a small subset of iThing owners who upgraded an iPhone 3GS to iOS4 (and then iOS5), or iPad1 from iOS3.2 to iOS4 (and then iOS5), it’s possible that your sensitive data isn’t encrypted even though you’ve got a Passcode set.

Just so we’re clear, even someone completely non-technical can access sensitive info about you simply by having physical access to your non-Passcode-protected iPhone/iPad.  A suspicious/jealous spouse might not hesitate spending $150 on one of these to suck out all the data in your iThing (including ‘deleted’ info) while you’re in the shower, for later perusal ;).  Whilst the thief who does the actual stealing of your iThing might not be interested in what’s inside your phone, a higher-level tier of the criminal ecosystem might be.

So long as you backup your iThing to either iTunes or iCloud on a regular basis, you might also want to enable the “Erase Data after 10 failed passcode attempts” option - if someone steals your phone and thinks trying 10000 passcode possibilities will get them in, this setting reduces their odds to 1 in 1000 by deleting all data on your phone if 10 incorrect passcodes are entered (not recommended for those with young children!).

While you’re at it, do you have “Find My iPhone” (or iPad) enabled?  Although police in many jurisdictions might be unwilling to go busting down doors based only on your acusation of theft and the wandering position of the little blue dot on the map in the Find My iPhone/iPad feature of iCloud, there’s plenty of cases of desperate iThing owners successfully recovering their lost or stolen device with this feature, which also allows you to enable a Passcode remotely, send a message to the phone (offering the finder/thief a means to return it to you), or simply erase the phone’s contents.  Here’s how to set it up.  And no, you can’t turn on Find My iPhone remotely, so you need to do this now before its too late!

Apple offers plenty of options to keep your personal, private information relatively safe, all you need to do is turn them on.

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
« What is this 'cloud computing' thing anyway? | Main | Microsoft's Cloudy Vision Rains on Windows Small Business Server »