As we observe the tenth anniversary of the original Apple iPhone, for most of us it’s hard to imagine life without smartphones. But have you ever wondered how secure these amazing pocket computers really are? And does it even matter in the wider scheme of things, since almost every day we hear about massive data breaches that are seemingly beyond our personal control?
The answer to the latter question is straightforward. Smartphone security matters, it really does. Just stop to think for a moment about how much your smartphone knows about you. It knows what you like, who your friends are, what your typical day looks like. It knows everywhere you go, and often what you did there. Increasingly, your smartphone even has the ability of paying for things. I suggest that few of your friends, including even yourself, know – and can retain—all this information about what it means it to be you. Are you happy to share all this information with the rest of the world? With marketers, the media, the government, criminals, and that gossiping neighbour across the street?
Perhaps the smartest of the smartphones, from a security perspective, is the iPhone. For a number of years Apple have recognized the value of security and steadily built in robust security features. Cyber security ultimately relies on cryptographic controls, which provide the digital equivalent of physical security mechanisms such as locks, safes and signatures.
The iPhone deploys state-of-the-art cryptography in numerous ways to protect not just the data on your phone, but also data in the cloud, messaging services, downloaded apps, payment mechanisms, etc. The iPhone takes security seriously and genuinely tries to get things right. Apple have also defended this capability in the face of extreme pressure from some external agencies. When the FBI challenged Apple about making the iPhone so secure that investigators could not access the personal smartphone data of suspects, the company broadly argued that providing security for everyone offers societal benefits that far exceed the occasional inconvenience resulting from doing so. I, for one, agree with them.
However, having a secure iPhone does not make your data safe. Cyberspace consists of an ever-increasing multitude of devices, services and networks. Indeed, the main benefits we all enjoy in cyberspace arise from the ability of data to be almost instantaneously sent and retrieved from anywhere around the globe. A healthy cyberspace thus requires all connected parties to practice decent standards of cyber hygiene in order to keep data safe wherever it travels or resides.
This is a particular responsibility of large organizations (like Equifax), many of whom store digital information relating to millions of customers. In the main, we simply have to trust them to secure our digital assets. In some situations, if we are let down, we can transfer our loyalties. However, in many other cases we have no choice, such as when we submit personal data to the government. Since we’re all in this together, securing a smartphone is a bit like regularly washing your hands. Doing so doesn’t guarantee your health because others may be less diligent. Not doing so, on the other hand, is extremely likely to result in you becoming ill.
In an era of rush to market technologies, where security is often added as an afterthought, we should welcome the approach taken by Apple to manufacture devices designed with security in mind. The iPhone might not be a digital Fort Knox, but it’s a considerably safer place from which to base your digital life than many of the alternatives, some of which can be more like sleeping in a transparent tent. In an increasingly dangerous world of cyber incompetence and banditry, the first and foremost place to secure should surely be your digital home.