Apple iCloud and the future of authentication

Last updated: 23 December 2015

In an increasingly digital and cloud-based world, as we hand over our relationship status and birth dates to Facebook, log our whereabouts on Twitter and Foursquare, upload our photos to Flickr and work off the corporate network from an airport, café or at home, there is one thing we refuse to let go of: gadgets. I am a self diagnosed gadget geek, so this topic is near to my heart.  Just take a look at recent iPad sales and the unpredicted success as described by @JohnPaczkowski. From our cell phones to our laptops and tablets – we have a psychological need to own a device from which to access our data, wherever it is stored.

Massive potential when properly secured

However, living, working and breathing off the cloud is becoming more of a reality. Just take a look at recent reports about Apple announcing it will be launching iCloud and Mac OS X Lion and iOS 5 next Monday 6th June at the keynote at WWDC 2011 and this cloud computing piece by @stevenjayl on Google’s cloud-based Chrome operating system . While there is a lot of hype around moving to the cloud it is not without its storms (couldn’t help myself).  @stevenjayl highlights one of the principal concerns of moving completely into the cloud – we just don’t feel secure enough.

There is a reason why we don’t feel comfortable accessing work documents on an internet café computer – it isn’t ours. Users of desktops, mobile devices, tablets and laptops for both personal and professional purposes will understand the need for physical ownership. That is why I agree with Steven Levy that living, working and breathing purely off the cloud may still be a little way off. In the meantime, we can prepare ourselves by occasionally delving into the cloud, but with physical security. No, not a lock, but by complementing traditional authentication with a physical device (such as a smart card or one-time password – OTP USB token) along with something we know (password)) and something we are (identity-based) to provide a stronger verification that it is really you accessing your information stored in the cloud. That’s right, strong authentication can pave the way for us to hold on until we are ready for the cloud.