Re: [Fed-Talk] Apple Data protection on for all apps now?
Re: [Fed-Talk] Apple Data protection on for all apps now?
- Subject: Re: [Fed-Talk] Apple Data protection on for all apps now?
- From: Brian Almeida <email@hidden>
- Date: Fri, 20 Sep 2013 15:35:47 -0400
Shawn,
I was told a few months ago that this was only true on new app installs. Is
that still the case? If so, when an iOS device is restored from backup, since
it's reinstalling apps do they automatically get the higher data protection?
Thanks,
Brian
On Fri, Sep 20, 2013 at 12:24:49PM -0700, Shawn A. Geddis wrote:
> On Sep 20, 2013, at 12:06 PM, Marcus, Allan B <email@hidden> wrote:
> > The iOS 7 business page has this tidbit: http://www.apple.com/ios/business/
> >
> > Using methods that leverage the user’s passcode to create a strong and unique encryption key, data protection provides IT with peace of mind that corporate data is secured without additional configuration. All third-party apps now have data protection enabled automatically, so information stored in App Store apps is protected with the user’s passcode until they first unlock their device after each reboot.
> >
> > Can someone explain what this means? It sounds good.
>
> Allan,
>
> It means that ALL App Store Apps now default to "Class C: Protected until First unlock”. Recall our discussion on Data Protection and the multiple classes of protection. Previously, the default was “Class D: Available Always” in that the device HW/iOS could automatically leverage the unknown/etched DeviceID Key to unwrap the Class D keys for access to those files without human intervention.
>
> Raising default to "Class C: Protected until First unlock” is indeed another good thing in addition to the Device / iOS enhancements.
>
> - Shawn
> ________________________________________
> Shawn Geddis
> Security Consulting Engineer
> Apple Enterprise Division
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
--
Brian Almeida <email@hidden>
Principal, Noblis
Phone: 703-610-2714
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden