macOS Monterey: 5 Things to Know about Security and Privacy
They might not always make front-page news, but security and privacy updates always feature in Apple’s operating system updates, and macOS Monterey is no exception.
At the all-online Worldwide Developer Conference 2021 (WWDC 2021), Apple unveiled macOS Monterey, the latest version of its operating system. The latest release, also known as macOS 12, follows last year’s Big Sur, which brought a big upgrade in terms of design and improved security features. Monterey focuses on delivering new ways to connect and making work more fluid across Apple devices; but here are the key privacy and security updates that caught our attention.
1. Universal Control
An important highlight at this year’s WWDC keynote was the demo of a new macOS feature, Universal Control. Leveraging existing technologies, such as Continuity, Handoff, and Airdrop, the Universal Control feature allows Mac users to drag and drop content between devices using the trackpad and keyboard. It also allows users to control an iPad from a Mac directly. The new feature works with up to three devices on the same iCloud account and connected through WiFi or USB.
For now (at the time of writing), it’s unclear if Universal Control presents (if any) security and compliance issues, but we’ll be monitoring for updates to understand how Universal Control will fit into your organization’s security frameworks for the transfer of data and files between devices that might be company-owned, personal, or both.
2. Xcode Cloud
Apple is also introducing new tools and technologies for the developer community. Xcode Cloud is a cloud-based workflow tool for building, testing and deploying apps across Apple devices. It aims to ensure easier collaboration for development teams, even when working remotely.
Xcode Cloud comes with security and privacy features such as two-factor authentication and data encryption at rest. The source code for apps is used in a temporary build environment and Xcode Cloud will only store the products of the build.
However, for development teams looking for full protection of their source code, DLP tools such as Endpoint Protector, with N-gram-based text categorization are useful to adopt. These tools identify programming languages with an accuracy rate as high as 98%, ensuring more efficient data protection and guarding against IP loss.
Currently available in a limited beta stage, Xcode Cloud is planned for general availability in 2022.
3. Passwords improvements
Although password management improvements were not detailed at the WWDC keynote session, some major changes are coming. In macOS Monterey, passwords will move to a new section in System Preferences, similar to how they are located in Settings on iOS and iPadOS. The iCloud Keychain is being rebranded as iCloud Passwords, and the new version of the Apple OS will also allow users to import and export passwords between iCloud and other password managers. iCloud Passwords will also be available for Windows users and, with an extension, for Microsoft’s Edge browser.
4. Automatic HTTPS in Safari
Another feature that went largely unnoticed at this year’s WWDC keynote is the automatic upgrade to HTTPS, the secure version of the standard web protocol HTTP in Safari. In the new OS, Safari will automatically upgrade web connections for sites from HTTP to the HTTPS protocol if they’re known to support it. HTTPS means that communication between the user and the server is encrypted both ways.
In macOS Monterey, Safari will also bring increased privacy protection, preventing trackers from determining your IP address and using it to build a profile of what sites you tend to visit. This is all part of making Safari more private and secure.
5. Enhanced Internet Privacy with iCloud Private Relay
We could call the new iCloud Private Relay the Apple version of a VPN, allowing you to connect and browse the web in a more private and secure way. This is done by encrypting your traffic and sending it through two internet relays, ensuring that no entity can see the contents of your browsing data. According to Apple, Private Relay hides a user’s traffic from internet services providers, advertisers, and even Apple itself.
This new feature is part of a new subscription bundle called iCloud Plus (iCloud+), together with two other privacy features: Hide My Email, which lets users share a unique, random email address instead of giving their real one away, and expanded HomeKit Secure Video, which allows an unlimited number of connected security cameras to store their footage on the user’s iCloud account without counting toward storage limits.
Endpoint protection and DLP support for macOS Monterey
Endpoint Protector is the only Mac-first DLP software on the market to feature zero-day support, a KEXTless agent, and be notarized under Apple’s notarization requirements.
Address the top data security threats on your macOS devices with tools including Device Control, Content-Aware Protection, eDiscovery or Enforced Encryption.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.