ADP extends that protection pretty considerably to also cover your iCloud backups, iCloud Drive, and the information in Photos, Notes, and Reminders. Without ADP enabled, this data is still encrypted, which adds a strong layer of protection from third parties or bad actors. But Apple can still access this data and turn it over to the cops.

End-to-end encryption closes that loophole. If an Apple employee decides to go rogue, or Apple gets hacked and your files get leaked—and neither of those scenarios have happened, to our knowledge—ADP will ensure your data is still safe. It also means Apple can’t get your files back if you lose access to them: The passcodes and passwords on your Apple devices are the only route through which end-to-end encrypted data can be unlocked. Apple has a full and comprehensive explanation of iCloud’s security and privacy features.

ADP does make iCloud on the web harder to get into.

Apple via David Nield

So, do you need ADP? If you want the most complete level of security and privacy possible, then yes. Just make sure you have backup methods for recovering your account (more on this in a moment), as Apple won’t be able to help you unlock your encrypted files if your account becomes inaccessible. While the default, standard encryption Apple puts in place is already very strong, ADP covers more of your data, which is reassuring in the slim chance Apple’s data centers suffer a breach or the FBI wants to take a look at your iCloud files.

It’s also worth bearing in mind that all this extra encryption restricts iCloud access in your web browser (the web portal where you can get at your emails, photos, and so on). You can still log in to iCloud on the web, but you’ll need to confirm the connection on a trusted device (like an iPhone or Mac) every single time you log in—and you’ll need to reauthorize the link every hour while you browse your files. If you use iCloud on the web a lot, you might find life more convenient without ADP enabled.

How to Enable Advanced Data Protection

If you’re ready to enable ADP, you can do it right from your iPhone—as long as all the devices associated with your Apple ID are running the latest software, and your Apple ID has two-factor authentication switched on. (If you haven’t yet done this, you’ll find instructions on the Apple website.)

If you’re using an iPhone or an iPad, open Settings, then tap your name at the top. Choose iCloud, then Advanced Data Protection: You’ll see a screen briefly explaining how the feature works, and you can tap Turn On Advanced Data Protection to do just that. At this point you’ll be told if there are any devices connected to your Apple ID that aren’t compatible with ADP, and you’ll be given the option to “remove” them. If you do remove a device, it will no longer be linked to your Apple ID, and it won’t sync to your iCloud account, so it’s not recommended you “remove” any devices you’re still using. A better option would be to update the software on these devices to make them compatible with ADP, or replace the devices with newer versions.

Source link