A few experts have taken their time to thoroughly analyze Apple’s iCloud and they concluded that it clearly follows the industry’s best practices in ensuring that customer data and privacy are protected.
However, according to ArsTechnica, Apple doesn’t hide the fact that even though everything is protected against hackers and other unauthorized third parties, they are always willing to comply with requests made by authorities.
Apple itself can easily access data such as contacts, e-mails, application preferences, bookmarks, calendar entries and basically any other information that users don’t encrypt themselves.
Furthermore, experts believe that because Apple holds and controls the encryption keys that are being used to secure the data, enterprise users shouldn’t trust the iCloud with their most valuable company secrets.
It’s well known that with the introduction of Bring Your Own Device (BYOD) many companies expose their most valuable assets if proper policies are not implemented, but as it turns out, Apple customers may also be exposed because of the encryption system utilized by iCloud.
“In a symmetric encryption system, there's always a back door. There's always the chance, however remote, that some rogue employee could use the master key to decrypt and access your data,” said Echoworx Vice President of Products, Robby Gulri.
Of course, Apple does its best to secure customer data. The company ensures that data is transmitted through SSL, that it's encrypted using 128-buit keys, and it even banned developers from using individual UDIDs.
The bottom line is that you can trust the iCloud to take care of your data, but keep in mind that Apple can access it at any time and hand it over to law enforcement agencies. Also, that encryption system is not bulletproof, so you may want to store your company’s most valuable secrets someplace else.