Privacy and security implemented by Apple both in their equipment and in their operating systems have become one of the fundamental pillars for the company. In fact, it is not the first time that Apple appears in the media for refusing to provide access to its computers under request of the FBI or other agency, after the latter tried to force its operating systems to collect information from some users.
A right to privacy of our data that is under constant attack not only by hackers or scamer’sbut also by the forces of law and order because at some airports or borders, they are demanding their personal computers from citizens to perform data scans under the excuse of “national security”.
For the vast majority of users an alphanumeric security code is more than enough to protect your equipmentbut there is an even more restrictive method called “Pair Locking“or monitored mode, which links a single computer to the iPhone or iPad and makes it inaccessible to other computer or data-scanning technology equipment.
Considerations before activating Pair Locking
As we’ve already told you, this system puts our equipment in a surveillance state that prevents access to our data from unauthorized equipment for further analysis, so it is a fundamental tool within the business world. But it is also becoming an alternative for those users who want to protect their data at all costs, although the following considerations must be taken into account:
- When setting up Pair Locking on our computers, the information will be completely removed from our computers. A deletion after which we can access and activate iCloud, Install Apps, settings and so on but individually, since if we restored a backup we would remove the surveillance state from the ‘Pair Locking’ system and return to normal mode.
- This system links the iPhone or iPad to our Mac team. So anyone who has access to or uses our Mac, will be able to access all the data on our computer once it is connected by cable.
- If by any chance the Mac we’ve linked it to breaks down or we lose the surveillance data that we are going to create, our terminal (iPhone or iPad) will be locked and there will be no way to connect to it.
How to activate and use Pair Locking to protect our equipment
- We download to the Mac we’re going to link Configurator 2 to from the Mac App Store.
- We connect our iPhone or iPad to the Mac using the USB cable.
- Open the Configurator 2 application on your Mac and click on the Prepare button on the top bar.
- From the pop-up menu that appears we have to check that this activates “Monitor devices” and “Allow devices to link to other computers”. This second option is important since it would allow us to add or remove profiles without having to restore the computer in case of changing the computer.
- In the next screen we click that we don’t want to register the equipment in the MDM (references to the mobile device management servers with which the devices communicate).
- When asked for our Apple ID for the device enrollment program we click on skip.
- We put the name of our “organization” (the rest we can leave blank) and click on next.
- As we want this whole organization to be completely new, we will have to click on generate a new supervision identity that will contain the identity and name of our organization, as well as the rest of the data that we have filled in the previous step.
- On the next page we leave all the options as they are and click on “Prepare”. When we do so, the system will ask us for the password of the computer, since we are going to make changes in the system settings, that is, to link the certificate between iPhone/iPad and our Mac.
- Once the whole process is completed we will have to create a new profile that will include all the restrictions of Pair Locking. To do this we do click on the top bar under File > New Profile. Fill in the name you want and in the security section select “Never” so that no one can delete the profile between the iPhone and the Mac, or “With Authorization” with which we can set a password that allows us to delete it in case we lose or damage the Mac (It is advisable to leave it at NEVER).
- In this same window we access the Restrictions section and click on configure. A list will appear with all the options, apps and settings that we can allow or not as we want, but we have to make sure that the option “Allow link with non-configuration host” is disabled.
- We close this window and save this configuration wherever we want (it is important to know where we save it).
- In the main screen of Configurator 2 we do click Right on the image of our iPhone > Add > Profiles and select the profile that we just saved in the previous step.
Once the whole process is finished, we will have our equipment as if we had activated it for the first time. It is important to remind you that we cannot install a backup, as doing so would result in the loss of the entire monitoring system that we have just installed. We’ll have to set it up as new and activate all the options we want one by one, the most important being our Apple ID to synchronize all our files and so on.
From this moment on and every time our iPhone or iPad is connected to a different terminal than the Mac we’ve linked it to The warning message “This iPhone (or iPad) is being monitored by another computer and cannot be used on that terminal” will appearand immediately blocking access to all our data.
Currently this system works perfectly to protect our personal informationBut we have no doubt that in time, some greater protection will be needed from Apple, and even laws to protect our privacy from third parties.