Apple @ Work: Understanding iCloud Private Relay for Apple devices in the workplace – including how to block it

Apple @ Work brings you Mosyle, a leader in modern mobile device management (MDM) and security for Apple business and educational users. Over 22,000 organizations use Mosyle solutions to automate the management and security of millions of Apple devices daily. Request a FREE account today and discover how you can put your Apple fleet on auto-pilot at a price that’s hard to believe.

When Apple announced all the new features coming to macOS and iOS at WWDC back in June, one of the new announcements was iCloud +, which includes all paid iCloud plans. One aspect of iCloud + is iCloud Private Relay. Because it changes the route of the network path, companies that use Apple must take this into account when managing their devices. So let’s dive into what impact that is likely to have.

About Apple @ Work: Bradley Chambers has been managing the business IT network since 2009. Through his experience in setting up and managing firewalls, switches, mobile device management, Wi-Fi for businesses, 100 Macs and 100 iPads, Bradley will highlight the ways Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.

The idea behind iCloud Private Relay is to protect privacy when users are on public Wi-Fi networks. For example, if someone is in a cafe, sports stadium, or restaurant and uses public Wi-Fi, their IP address is visible to all the websites they visit. This has long been a concern for people who are focused on privacy as they try to avoid being tracked in the locations they visit. In addition, these websites may use this location information and user browsing habits to build a personal profile that will serve you more targeted ads. Of course, ads aren’t always negative, but people deserve the right to remain anonymous if they want to. Here’s how iCloud Private Relay works from a technical perspective:

When private transmission is enabled, your requests are sent via two separate, secure internet relays. Your IP address is visible to your network provider and the first relay operated by Apple. Your DNS records are encrypted so that neither side can see the address of the website you are trying to visit. The second relay, managed by a third-party content provider, generates a temporary IP address, decrypts the name of the website you are looking for, and links you to the site. All of this is done using the latest Internet standards to maintain a high-performance browsing experience while protecting your privacy.

How iCloud Private Relay affects Apple businesses

From an IT perspective, an iCloud Private Relay-enabled device means that the services or locations the user is browsing and the DNS queries that bring them there will not be visible to your traditional network tracking solutions.

Depending on the type of organization, you may be in an industry that needs to audit all network traffic, so this could become a concern for you. However, in this early implementation of iCloud Private Relay, only Safari traffic will be affected, so traffic from email and corporate file sharing apps will remain unchanged. Apple could expand the use of iCloud Private Relay in the future, but at the moment it’s just Safari.

How to Block iCloud Private Relay

While there is currently no MDM control to disable iCloud Private Relay on managed devices, it could come in the future. In the short term, Apple’s advice is to return negative responses from your network’s DNS resolver for Apple’s servers:

When this traffic is blocked, the user will be alerted to disable iCloud Private Relay to access the content. However, Apple advises this blocking is better than delaying traffic or silently dropping IP packets sent to a Private Relay server, as it can lead to delays in the way devices process and transmit traffic.

FTC: We use auto affiliate links to earn revenue. More.

Watch 9to5Mac on YouTube for more Apple news:

Source link

Naveen Kumar

Friendly communicator. Music maven. Explorer. Pop culture trailblazer. Social media practitioner.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button