The Home of the Security Bloggers Network
Home » Cybersecurity » Cloud Security » Should I Restrict iCloud Private Relay for Managed Devices?
Private data is private. Personal data is private. Apple takes great pains to ensure that their users’ data remains in control of the user and nobody else. To that end, with the release of iOS 15 and macOS Monterey, Apple has created a new feature called iCloud Private Relay. 
It allows iCloud users, while using Mail.app or Safari, to shield their own traffic from prying eyes. This is great for the user, but it could cause issues when active on your company’s internal network. While it’s not a VPN, it does do some similar things: 
As a user, all you need to do is turn it on in your iCloud settings. It is built into iOS 15 and macOS Monterey and requires no advanced computer or programming skills to enable. And therein lies the problem: IT admins are often required (by compliance regulation or internal policy) to maintain a certain degree of visibility across the network. When end users can prevent that from happening, using native features built into their devices, compliance is at risk. 
Whether BYOD or corporate-owned (COD), the clash of B2C and B2B features can create headaches or, worse, fines and undue auditing. This article highlights how iCloud Private Relay works, why an admin may need to restrict it, and how.
When using Safari, Apple takes your traffic and splits up the information into two pieces: your IP address (where you are) and your DNS request (what you’re looking for). Private Relay encrypts the DNS request and sends it, along with your IP address, to an Apple proxy server. Apple, in the meantime, has handed over encryption keys to a third party (educated speculation is that this third party is either Cloudflare, Fastly, Akamai, or some combination of them), which runs a second proxy. Apple assigns an anonymous IP to the encrypted DNS request. 
This means that Apple knows (Read more…)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Pam Lefkowitz. Read the original post at: https://jumpcloud.com/blog/restrict-icloud-private-relay

More Webinars
Security Boulevard Logo White
DMCA

source