Already a few years ago, Apple maintains a IOS Security Guide, which is updated periodically detailing system security features for owners of iPhones, iPads, and iPods touch. Now, Ma is expanding this initiative: the company today released the Apple Platforms Security Guide (Apple Platform Security Guide), an extensive document covering the safety and security tools in all its products, systems and services.
The document, currently available only in English, is presented via a PDF file of over 150 pages. Apple, meanwhile, has decided to make life easier for users and has also released a new page on its website by condensing the information into five main points.
In the dedicated section hardware security, Ma talks about elements like Secure Enclave and chip T2, responsible for the administration of users' biometric data and the encryption of their data; It also explains the operation of its Touch ID and Face ID identification systems.
In the section of systems security, Apple describes the process of boot, software upgrades and continuous operation of your operating systems, noting that these elements connect to create a security “chain”.
The company also notes that the latest versions of iOS, iPadOS, and macOS are always the most secure, and the update system prevents attacks from taking a machine back to an earlier version of the OS to steal data.
Data protection and encryption
In the related part data protection and encryptionApple explains that its systems have capabilities to protect data even if another part of its foundation is compromised. There are also explanations about the Data Protection (which protects data from iOS and iPadOS) and FileVault (responsible for the same function in macOS).
In the section of apps securityApple talks about the layers of protection it applies to its systems to prevent potentially malicious or poorly built applications from posing a threat to its users. There are explanations about the sandbox iOS / iPadOS apps, as well as the notification process required for MacOS apps.
On the part of security of services, the company notes that its catalog (made up of products such as iCloud, Apple Pay, iMessage and FaceTime) has robust security features to protect and store user data.
The Ma document also has other sections intended for advanced and enterprise developers or users – they refer to network security, development kits, secure device management and more.
It's worth a read if you are interested in the subject or simply want to better understand the company's security features.
via Daring Fireball