 |
| Apple's Private Relay service poses a risk to organizations |
In the past few years, Apple has introduced a number of new services. All these services naturally offer practical advantages to users, but on the other hand they can also harm businesses and organizations.
iCloud Private Relay is one such service. This can lead to a phenomenon called shadow IT that occurs in companies and organizations that have dedicated IT departments.
This problem occurred when Apple launched the App Store on iPhone several years ago. At the time, users could access software and applications without the intervention of the IT department, making it a "shadow", as the name implies, and the original intent being trivial.
However, Apple later provided the company with a platform called MDM that allowed IT departments to access and control the device and its internet connection, but users could only use other devices.
Today, more than ten years after these incidents, Apple's iCloud Private Relay problem has started to surface. This has had a negative impact on the IT industry, turning into an ineffective shadow, as mentioned earlier.
Apple Private Relay
This service aims to protect the privacy of users. This is done by encrypting your internet connection. It can also be paid for via iCloud + from Apple. This feature is currently available in iOS 15 beta and only works on Safari
However, this feature is intended for the app on the entire device, not just the Safari browser. This feature only connects to the Internet through a dedicated server (ie an Apple server).
On the other hand, this function is different from VPN technology, where the VPN is used to open a secure internet connection, but the private relay function - greatly simplified - relies on setting up an Apple-based connection server.
This is where the problem arises in the services and facilities of companies and even schools that monitor the use of the Internet in the work environment. However, since the user can use Apple's private relay service to access the Arab Gateway for the new technology, when the connection is verified, the company's IT team decides that it is Apple servers and not the Arab Gateway server.
However, any organization can still block this service by blocking the Apple server address connected to it. In this case, no one in the organization can use the service.
There is no doubt that this problem could be more serious. For example, employees who use external servers to expose company documents. The ease of use is also impressive. For example, use it to watch entertainment clips while working or studying.