In an unprecedented move, a federal judge ordered Apple to help the Federal Bureau of Investigations (FBI) break into an iPhone used by Syed Farook, one of the killers in the San Bernardino, California, shootings. The FBI has been unable to access information on his employer-supplied mobile device, since Farook enabled a security feature on the phone which only allows a certain number of failed attempts to enter the passcode before erasing data. In an effort to work around this security feature, the government is demanding Apple write decryption code to give them unlimited attempts at guessing the passcode.
According to Apple, they have complied with all requests for assistance and advice during this investigation. However, the current government demands would not only push them outside the realm of what is possible today; they could potentially threaten the security of millions of people. As a business owner, it is important to understand what is at stake for your employees, your business, and you.
Data Security vs. National Security
In a message written to customers, Apple CEO Tim Cook explains the “chilling” implications of the government’s demands on data security and ultimately privacy. With the ability to decrypt the encryption code protecting private information stored on mobile devices, the government would essentially possess a master key to unlock any individual’s personal information. In the hands of an entity with good intentions, this type of power would make it easier to uncover crucial evidence in cybercrimes. In the wrong hands, however, all private data would be vulnerable as encryption would be useless to protect information. As such, Apple is contesting the ruling and currently says it has no plans to comply with the order.
This showdown between the FBI and Apple is just another example of the ongoing debate between protecting the privacy of US citizens and keeping them safe. While the federal government agrees encryption is vital to protecting private data, many argue tech companies should be required to provide backdoor access into encrypted information when law enforcement subpoenas it.
For businesses, regardless of whether or not you provide mobile devices for your employees, the outcome of this case could make your information an easier target for cybercriminals. If you have not already done so, now is the time to increase your cybersecurity efforts company-wide. Visit the Cyber Threats section of your portal for ways to counteract threats such as phishing, malware, and email attachments, or contact your Customer Success representative for more ways to increase your cybersecurity.