In an effort to streamline what might otherwise have become a mess of separate security documents, Apple today released a unified document covering all of its operating systems and most of its services. Available as a hyperlinked website and a PDF document, Apple Platform Security combines the company’s prior iOS, macOS, and T2 security chip documents with updates specific to iPadOS, tvOS, and watchOS, while moving details on privacy, Siri, and Safari to its Privacy mini-site.
If you’re looking for an extended and fairly deep dive into Apple’s security practices, the 157-page PDF will make for good bedtime reading. It touches on everything from nitty-gritty details of hardware security and biometrics to OS-level kernel and cryptographic security, app security, and accessory authentication practices. The specific protections offered by Apple Pay, iMessage, and iCloud-dependent apps such as Notes, Shortcuts, and Find My are addressed, as are the implications of using cross-device features such as Continuity, Handoff, and text message forwarding.
Since Platform Security is loaded with acronyms and other terms that might not be familiar to some users, there’s a handy six-page glossary near the end, but notably no Table of Contents in the PDF. That feature is presently exclusive to the web version, taking advantage of nested headings and sub-headings to generate an initially manageable list of big subjects that can be granularly expanded into a sprawling multi-page collection of topics and terms.
Neither version attempts to include all of Apple’s security documents, leaving some — such as ISO/IEC 27001 and ISO/IEC 27018 certification documents, cryptographic module validations, and other government approvals — to be viewed as links from the website or PDF. Siri details are largely discussed on a broad list of features, with brief Knowledgebase documents addressing the privacy rather than security implications of Ask Siri and Siri Suggestions.
June 5th: The AI Audit in NYC
Join us next week in NYC to engage with top executive leaders, delving into strategies for auditing AI models to ensure fairness, optimal performance, and ethical compliance across diverse organizations. Secure your attendance for this exclusive invite-only event.
The newly released document has a date of “Fall 2019” at the top and a December 2019 listing in its Document Revision History at the bottom. Apple previously updated the OS-specific documents it’s based upon several times per year, generally coinciding with major OS point releases and the introduction of new services, so it’s likely that this guide will continue that practice.
