Fresh Thoughts #55: A Great Security Experience

Child using phone to look at flowers

It's hard to see the value of security until it's needed.
It can feel like a waste - based on hypothetical scenarios mixed with hysteria.
But security is the cosiest feeling when the chips are down.

A Great Security Experience

Last week I told the story of a stolen handbag.
In all the frustration, one positive shone through. Apple's security experience was exceptional.
Apple can be criticised for many things, but its security experience is exquisite. It answered all our questions...
Disclaimer: #NotAnAd

Where's my handbag?

"The last time your phone was seen near the house was 9:27pm last night... now appears to be at a phone shop in a dodgy part of town."

Apple's 'Find My' service is the one-stop online place to find your devices. From laptops, phones and iPads, to headphones and anything you attach an AirTag to.

Tracking was enabled - as we have a habit of losing phones around the house - and it even works when the phone is powered off...

This was instant confirmation that it had been stolen. We tracked the phone for four hours, watching it update its location every 5 minutes. Interestingly the police refused to record what we saw - but that's a story for another day.

Are we going to get the phone back?

The police said...
"Don't go to the shop you can see in the tracking data."

And then, a short time later...
"There's no CCTV... and no eyewitnesses... so there's insufficient evidence to pursue an investigation... The incident is closed at source."

I can't help thinking Sandip Patel KC was right. "You're on your own." 🤷‍♂️

What about the pictures? Can we get those back?

"Yes - everything is safe."

Both the phone and iPad were configured to use iCloud as a backup. So all the pictures, contacts and settings were stored remotely and securely.

As is always the case, not "everything" was backed-up. Luckily it wasn't something important - merely the children's progress on their favourite science app - Tappity. 🤦‍♂️

What about the information on the phone?

"There's no way they can get at the data on your phone, so I'll trigger a remote wipe - so the phone is fully secured."

The array of protection Apple offer iPhones and iPads is impressive. It starts with PIN codes with timeouts for wrong guesses - to prevent repetitive guessing of all combinations.

Apple's facial recognition - FaceID - is a great experience but doesn't provide additional security. However, multi-factor authentication (MFA) is needed to access cloud backups. MFA is the lynchpin of Apple's privacy and security model.

Finally, add in the encrypted storage and obfuscated notifications. There's no way a petty criminal can access sensitive information.

So... it's just a chunk of electronics in a pretty purple case?


The Restoration

As anticipated, Apple's multi-factor authentication was the crux of the restoration process. There was a circular dependency. To authenticate, the phone needed to use the iPad... and the iPad needed to use the phone.

After 5 days - mainly waiting for deliveries - we got the required access. In hindsight, the digital detox was a good thing.

Then... "Would you like to restore you're backup from 2 days before the incident?"
And 20 minutes later, everything was back to normal.

Final Thoughts

It's important to remember that this experience was on consumer devices and inside the closed Apple walled garden. Businesses rarely have this luxury and must combine many vendors to ensure their operations work effectively.

However, the same experience can be achieved by combining native and foundational security technologies to answer the questions that arise. It takes prior thought, planning and configuration.

The incident you experience may not be a stolen handbag. It could be a ransomware attack. But your experience can be as seamless - provided you have security already in place.

February 28, 2023
3 Minutes Read

Fresh Thoughts to Your Inbox

Fresh perspectives on cybersecurity every Tuesday. Real stories, analytical insights, and a slash through buzzwords.

We'll never share your email.

Related Reads

woman holding a handbag and laptop case

Fresh Thoughts #54: What Can a Stolen Handbag Teach Us About Threats?

The latest version of ISO 27001 has a new control - Threat Intelligence. What is it? And how can a recent theft help us understand more?

Subscribe to Fresh Thoughts

Our weekly newsletter brings you cybersecurity stories and insights. The insights that help you cut through the bull.

We'll never share your email.


Fresh Security Support

Your Questions


Fresh Sec Limited

Call: +44 (0)203 9255868