Privacy and security implemented by Apple both on their computers and operating systems have become one of the fundamental pillars for the company. In fact, it is not the first time that Apple appears in the media for refusing to facilitate access to its computers at the request of the FBI or another agency, after their attempts to force their operating systems to collect information from some users.

A right to privacy of our data that is under constant attack not only by hackers or scamer’s, but also by law enforcement since in some airports or borders, they are demanding their personal equipment from citizens to carry out data scans under the excuse of “national security”.

For the vast majority of users an alphanumeric security code is more than enough to protect your equipment, but there is an even much more restrictive method called “Pair Locking” or supervised mode, which links a single computer to the iPhone or iPad and makes it inaccessible in front of another computer or technological data scanning equipment.

Considerations before activating Pair Locking

As we have advanced, This system puts our equipment in a surveillance state that prevents our data from being accessed. from an unauthorized computer for further analysis, making it a fundamental tool in the business world. But it is also becoming an alternative for those users who want to protect their data at all costs, although the following considerations must be taken into account:

By configuring Pair Locking on our computers, the information on our computers will be completely removed. A deletion after which we can access and activate iCloud, Install Apps, settings and others but individually, since if we restored a backup we would remove the surveillance status from the ‘Pair Locking’ system and return to normal mode.

This system Link the iPhone or iPad with our Mac computer. So anyone who has access to or uses our Mac will be able to access all the data on our computer once they connect it by cable.

If by any chance the Mac to which we have linked it is damaged or we lose the surveillance status data that we are going to create, our terminal (iPhone or iPad) will be blocked and there will be no way to connect to it.

How to activate and use Pair Locking to protect our equipment

We download it to the Mac to which we are going to link Configurator 2 from the Mac App Store.

We connect our iPhone or iPad to the Mac using the USB cable.

We open the Configurator 2 application on our Mac and click on the prepare button on the top bar.

From the pop-up menu that appears, we have to check that it activates “Monitor devices” and “Allow devices to link with other computers”. This second option is important since it would allow us to add or remove profiles without having to restore the equipment in case of changing computers.

On the next screen we click that we do not want to enroll the equipment in the MDM (references to the mobile device management servers with which the devices communicate).

When they ask us for our Apple ID for the device enrollment program, we click on skip.

We put the name of our “organization” (the rest can be left blank) and click on next.

Since we want this entire organization to be completely new, we will have to click on generating a new supervisory identity that will contain the identity and name of our organization, as well as the rest of the data that we have filled in the previous step.

On the next page we leave all the options as they are and click on “Prepare”. When doing so, the system will ask us for the team password, since we are going to make changes to the system settings, that is, link the certificate between iPhone / iPad and our Mac.

Once the entire process is complete we will have to create a new profile that will include all the Pair Locking restrictions. For this we click on the top bar in File> New Profile. Fill in the name you want and in the security section select “Never” so that no one can delete the profile between the iPhone and the Mac, or “With Authorization” with which we can establish a password that allows us to delete it in case we lose or Mac is damaged (It is recommended to NEVER leave it).

In this same window we access the Restrictions section and click on configure. A list will appear with all the options, apps and settings that we can allow or not as we want, but we have to make sure that the option “Allow the link with non-configurator hosts” is disabled.

We close this window and save this configuration wherever we want (it is important to know where we save it).

In the main screen of Configurator 2 we right click on the image of our iPhone> Add> Profiles and select the profile that we have just saved in the previous step.

Once the whole process is finished, we will have our equipment as if we had activated it for the first time. It is important to remind you that we cannot install a backup, since doing so would lose the entire monitoring system that we just performed. We will have to configure it as new and go activating one by one all the options that we want, the most important being our Apple ID to synchronize all our files and others.

From this moment and every time our iPhone or iPad connects to a terminal other than the Mac with which we have linked The warning message will appear “This iPhone (or iPad) is being supervised by another team and cannot be used in that terminal”, immediately blocking access to all our data.

Now this system works perfectly to protect our personal information, but we do not doubt that over time Apple will need a greater protection system and even laws that protect our privacy from third parties.

