Microsoft Adds iCloud Support for Office for iOS Apps



Microsoft released new versions of Microsoft Word, Microsoft PowerPoint and Microsoft Excel for iPhone/iPad today that allow users to open, edit, and save to iCloud. This comes on the heels of Microsoft making these apps free, adding Dropbox support, and expanding storage space on OneDrive for subscribers of Office 365. Microsoft seems to be fulfilling its promise to concentrate on getting users using Microsoft Services and software without forcing them to get locked into one platform. 

If you are already using Word, Excel, and PowerPoint on your iPhone/iPad, just check the App store for the free update. Otherwise search the App store to download these apps for free. 

Now Anyone Can Use iWork on the Web

Apple has taken the iWork suite of applications out of Beta status on iCloud, and now anyone can create an account and use Pages, Numbers, or Keynote for free. This is significant because now you can create, share and collaborate on documents, presentations, or spreadsheets even if the other person doesn’t have a Mac, iPhone or iPad. I have personally been very happy with the web versions of Pages, Keynote, and Numbers and have used each repeatedly in my web browser on my Windows machine.

iCloud.com login Accounts are created by using a valid email address that is not already associated with an Apple device (if you already have created an iCloud account on a Mac, iPhone, or iPad, you already have free access to these applications with your existing account). Just visit iCloud.com to create your account or login to an existing account. Once you login you will see icons for Pages, Keynote, and Numbers and you can instantly start creating and sharing. 

Along with the free access to the fully featured web versions of the iWork suite of applications, users are also given a free 1gb of disc space to use on iCloud. If you have friends that don’t currently use Apple products and you want to show the quality of the applications, share a link. Even though I’m a big fan of Office 365, I personally find the iCloud apps much easier to use than Google apps. Since it is free to create an account, go for it if you currently do not own an Apple device and have been curious of the allure of iWork. 

Microsoft OneDrive Goes Unlimited, Improved Encryption for Business Users

Microsoft OneDrive for iPhone

Microsoft announced on Monday October 27, 2014, that its cloud file service, OneDrive, has been updated to allow unlimited storage to subscribers of Microsoft Office 365. Microsoft OneDrive was just updated earlier this summer to provide Office 365 subscribers with 1TB of cloud storage. This means that for as low as $6.99 per month, a user can have a full version of Microsoft Office installed on a desktop computer, use Microsoft Office on the iPad, use Microsoft Office Online, and have unlimited cloud storage of Microsoft OneDrive.

Microsoft OneDrive for iPhone

The storage update is being rolled out in phases beginning with Office 365 Home, Personal and University customers. Microsoft promises that the roll-out will continue over the next few months, with OneDrive for Business customers seeing unlimited storage in 2015.

Additionally, Microsoft announced enhanced Mobile Device Management (MDM) for Office 365. IT administrators will be able to set more advanced mobile device policies for iOS, Android and Windows Phone devices running Office 365 beginning the first quarter of 2015. This will be done directly from the Office 365 administration portal, and will allow an Office 365 administrator to perform selective wipes of devices to remove only Office 365 corporate data (and leaving personal data intact), to set requirements of security (like pin access), and disable services if a Jailbreak or root is detected.

Microsoft also indicated that SharePoint and OneDrive for Business have been enhanced to provide advanced encryption of data at rest (while files are stored on Microsoft’s servers). Per-file encryption has been added, which means that every file stored on OneDrive for Business now has its own unique key, and any update to the file creates a new unique key. This means that even if an individual is somehow able to intercept the encryption key, it will only work for one file, and is only valid until that file is modified. Also if brute force is used to break the encryption of the protected file, each and every file has to have its encryption key broken separately.

These updates to OneDrive for Business and Office 365 further strengthen Microsoft’s offering in the cloud and office productivity areas. Microsoft is making it easier everyday to leave competing products from Google and DropBox behind.

Apple’s iMessage Can Cause Problems when Issuing Employees iPhones

 

iMessage iNo

The Technology and Marketing Law Blog recently had a post describing an employer lawsuit that included privacy infringement based claims against an employer for intercepting iMessages using his company supplied iPhone. Although the California Court ultimately rejected the claim, it had an interesting fact pattern that raises concerns for attorneys and employers.

The employee in the claim had been issued an iPhone from his employer. Upon being issued the iPhone, he associated the phone with his personal Apple iCloud account and enabled Apple’s iMessage. iMessage, unlike standard SMS text messages, allows sending and receiving text messages without an active cellular number. This means that if you register your cellular number with iMessage, your Apple account will allow you to send and receive iMessages on other devices with a broadband connection, even if you have no cellular connection. When you switch to a different cell phone (even if it is another iPhone), you must disable iMessages, or else your old iPhone will continue to receive iMessages if it is on a WiFi network, or another cellular account is registered with it.

The problem is that after the employee’s employment ended, he returned his company issued iPhone, and did not wipe the device or disable iMessages. The employee claims that his former employer continued to receive and review his text messages since his Apple iMessage account was not disabled. The California Court ultimately decided that the employee had no privacy claim against his former employer.

The reason that I found this case interesting, is because I am sure that there are plenty of attorneys in Delaware that are issued iPhones and/or iPads by their employers. This immediately causes concerns for me about employees taking steps to make sure that their data cannot be accessed once they leave their current employment. If you have linked a personal Apple iCloud account to your iPhone or iPad, some of your data created after starting a new job, may be accessed by a former employer. Both messages sent and received by iMessage, as well as any data stored in iCloud, may continued to be accessed on the old device until the Apple iCloud account is removed or your password is changed.

If you are currently using iMessages and iCloud on your employer-issued iPhone or iPad, you will want to make sure that you sever any connection before your employment ends. If you do not, there is a chance that text messages you receive in new employment may be intercepted by a former employer. If you are an employer issuing iPhones or iPads, you will want to have a clear policy on the type of personal information and accounts permitted on a company issued iDevice. Even for an employer, concerns arise that after an employee is terminated, information that was saved to iCloud (like documents created in Pages or Keynote) may continue to be available to former employees. For a managing partner at a law firm you need to know how confidential materials are being stored.

I would recommend not using iCloud and iMessage on any employer supplied iPad or iPhone. Although this eliminates some of the benefits of these services, it protects both an employee and employer from the concern of confidential information being accessed after the employment relationship has ended. Beyond the concern of private personal data being accessed, if an attorney has an old iPhone/iPad that is still receiving data from iCloud that can potentially be accessed by a former employer, there is a very real chance of violating your obligations under Rules 1.1 and 1.6 of the Delaware Rules of Professional Conduct. If you do use iMessage or iCloud, and you are not able to disable these services when employment is terminated, it is important that you immediately change your iCloud password to protect your data. Changing your password should protect you against a former employer accessing documents and data that apps store in iCloud. You should also contact Apple Support to have your old phone number deregistered from iMessage.

See Sunbelt Rentals, Inc v. Victor for the California District Court Decision.

 

Updating to iOS 8 or Getting a New iPhone 6? Backup with iTunes First!

With iOS 8 and the iPhone 6 and iPhone 6 Plus launching this week, it is important that attorneys remember to backup their devices before updating to a new phone or the new operating system. Although it is possible to use iCloud for backups, I have discussed the security concerns of doing so in the past. Your best bet is to use iTunes to create a local copy of your iPhone or iPad before applying any update.

The video above walks you through the process of connecting your iPhone or iPad to your computer and doing an iTunes backup. This should be done on a fairly regular basis to make sure that you can always easily restore your phone or iPad if they are lost, stolen, or malfunction. The process is quite simple, and after the initial backup, runs quickly for subsequent backups.

In addition to using iTunes because it is more secure. it is also nice to use iTunes because it speeds up the process of restoring your device if you have to. If you use iCloud it could take over a day to restore your device if you need to and you have to have a working internet connection during the entire restore process. With an iTunes backup, you simply plug your device into your computer, hit the restore button and at most it takes an hour or two to restore.

I hope that the video is helpful for those that have not used iTunes to backup in the past.

Serious Flaws Discovered in Apple iCloud Backup Security

Recently I posted an article explaining why attorneys should be concerned about the recent iCloud celebrity photo breach. At the time that I posted the article, details were just coming out about how these individuals had their confidential materials leaked. Since then, the leading theory has been that the celebrities had their iCloud iPhone backups accessed by malicious users using tools originally developed for law enforcement purposes. Christina Warren of Mashable recently posted a great article explaining just how easily she was able to hack her own iCloud backup. I recommend that all attorneys read her post to see just how easy some of this information can be obtained.  

My recommendation based on the events of the past week is that attorneys should not store confidential materials on iCloud until Apple makes the online service more secure. If you backup your iPhone or iPad using iTunes, you have the option of encrypting your backup with a separate password (that can and should be different from your iTunes password). Unfortunately this option is not available for iCloud backups. Without a second-factor authentication option or a separate encryption password for your online backups, a malicious user would only need to determine your iCloud password to access all your backed up data.

image

You can turn off iCloud backup by going into your iOS settings and choosing iCloud. Within the initial iCloud settings you can choose Storage & Backup to choose whether to enable iCloud Backup. Within that settings panel simply disable iCloud backup to turn it of on your device.

image

If you have other iOS devices, choose Manage Storage and from there you can delete backups from iCloud. You also should be careful that you understand what other apps on your device may be using iCloud to store data. To determine this, choose Documents & Data from within the initial iCloud settings. This will give you a list of apps that are storing data on iCloud. If you keep confidential client data within any of these apps, you may want to disable the ability of these apps to store documents and data in iCloud.

image

It is important to remember that these recommendations are only if you have confidential information on your device. If you do choose to disable iCloud backups, it is important that you plug your device into your computer and backup using iTunes on a regular basis (and select the encryption option in iTunes). Email account passwords are not stored on the iCloud backup, so do not worry about this information being at risk if you do choose to use iCloud backup.

I am hoping that with the attention this has been receiving in the press that Apple quickly offers options to better secure iCloud in the near future. In the meantime, it is important that you at least understand what data on your device is being uploaded to the cloud and that you know if it is adequately protected.

Update: According to 9 to 5 Mac, Apple’s CEO Tim Cook has issued a statement promising that Apple will enable new notifications in the next two weeks to address some of the concerns discussed above. Notably individuals will begin to receive emails when a password is changed, when a backup is restored to a new device, when a device logs into iCloud for the first time, and users will be able to use two factor authentication for iCloud when iOS 8 is released. It is nice that Apple is promising quick improvements to better secure user’s data.

Read Christina Warren’s How I Hacked My Own iCloud Account, for Just $200 http://feedproxy.google.com/~r/Mashable/~3/I41sXRKDLao/

Celebrity iCloud Image Breach and Client Confidentiality

iCloud ConfidentialityI recently posted a new article on Mobile4Law.com about Client Confidentiality in light of the recent iCloud celebrity image leak that occurred over this past weekend. iCloud is a service offered by Apple that is available on every current iPhone and iPad that allows certain data on your device to be stored in the cloud. Over the weekend, it was reported that about 100 different celebrities had personal images accessed that were being stored using Apple’s iCloud service.

It is suspected that these photos were accessed by malicious users using a brute-force attack to guess passwords of the accounts affected. It appears that the only reason they were successful in the attack is because the accounts were using simple passwords, and that Apple did not lock accounts after a certain number of unsuccessful login attempts. 

In the article on Mobile4Law.com, it is explained why this should be a concern to individuals in the legal community that use cloud services for storage of confidential cloud information. I suggest that attorneys take a look at revised Rule 1.6 and the comments to that rule, and determine if they would have committed an ethical violation if confidential client information had been accessed from their account using this same attack.  

Steve Butler PhotoThis post was written by Steven Butler. Steven is a full-time Delaware attorney that limits his practice to Social Security Disability. Along with being a contributor for iPlugDelaware, he is a partner at Linarducci & Butler, PA.

1 2 3