Amid rising security concerns globally, Apple continues to focus on users' privacy. Believing privacy to be a fundamental human right, the Cupertino giant has updated its Platform Security Guide that details features used by the company to protect users' devices and their data across all of Apple's platforms. This comprehensive technical guide details how security technology and features are implemented within Apple platforms, while helping organisations combine Apple platform security technology and features with their own policies and procedures to meet their specific security needs.
Apple started publishing its Platform Security Guide over 10 years ago. At that time, it was a short document summarising some of Apple's security posture, primarily for businesses that were understanding how to incorporate iPhone onto their networks. But since then it has grown significantly, with the latest comprehensive technical guide being 200 pages long. It was before the first iPhone was ever released that Apple started investing in security. While Apple was building the first iPhone, it became clear to the company that the role that these mobile devices would come to play in our lives would be completely different than the role that personal computers played in our lives. As we would carry these devices with us everywhere, we would use them for constant communication and constant connection. So they were just going to be way more personal than personal computers had ever been. And that made it really clear that Apple needed to approach security in a fundamentally different way.
This updated document reflects changes made in iOS 14.3, iPadOS 14.3, macOS 11.1, tvOS 14.3, watchOS 7.2. The topics added to the guide include memory safe iBoot implementation, Boot process for a Mac with Apple silicon, Boot modes for a Mac with Apple silicon, startup disk security policy control for a Mac with Apple silicon, LocalPolicy signing-key creation and management, contents of a LocalPolicy file for a Mac with Apple silicon, signed system volume security in macOS, Apple Security Research Device, password monitoring, IPv6 security and car keys security in iOS.
Apple has organised the content in topic areas including hardware security and biometrics, system security, encryption and data protection, app security, services security, network security, developer security kit and secure device management. Hardware security and biometrics focuses on the silicon and hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES cryptographic engine, Touch ID, and Face ID. System security talks about the integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems. Encryption and Data Protection highlights the architecture and design that protects user data if the device is lost or stolen or if an unauthorised person or process attempts to use or modify it. The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity are listed under App Security, whereas Apple's services for identification, password management, payments, communications, and finding lost devices are under Security services. The document also talks about industry-standard networking protocols that provide secure authentication and encryption of data in transmission, framework "kits" for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps and methods that allow management of Apple devices, prevent unauthorised use, and enable remote wipe if a device is lost or stolen.