iCloud security overview
iCloud stores a user’s contacts, calendars, photos, documents and more and keeps the information up to date across all their devices automatically. iCloud can also be used by third-party apps to store and sync documents as well as key-value data for app state, as defined by the developer. Users set up iCloud by signing in with an Apple ID and choosing which services they would like to use. Certain iCloud features, such as iCloud Drive and iCloud Backup, can be disabled by IT administrators using mobile device management (MDM) configuration profiles.
iCloud uses strong security methods and employs strict policies to protect user data. Most iCloud data is first encrypted on the user’s device, using device-generated iCloud keys, before being uploaded to iCloud servers. For data that isn’t end-to-end encrypted, the user’s device securely uploads these iCloud keys to iCloud Hardware Security Modules in Apple data centres. This allows Apple to help the user with data recovery and decrypt the data on the user’s behalf whenever they need it (for example, when they sign in on a new device, restore from a backup or access their iCloud data on the web). Data moving between the user’s devices and iCloud servers is separately encrypted in transit with TLS, and iCloud servers store user data with an additional layer of encryption at rest.
Encryption keys, when available to Apple, are secured in Apple data centres. When processing data stored in a third-party data centre, these encryption keys are accessed only by Apple software in use on secure servers, and only while conducting the necessary processing. For additional privacy and security, many Apple services use end-to-end encryption, which means the user’s iCloud data can be accessed only by the users themselves, and only from the trusted devices where they are signed in with their Apple ID.
Apple offers users two options to encrypt and protect the data they store in iCloud:
Standard data protection (the default setting): The user’s iCloud data is encrypted, the encryption keys are secured in Apple data centres, and Apple can assist with data and account recovery. Only certain iCloud data — 14 data categories, including Health data and passwords in iCloud Keychain — is end-to-end encrypted.
Advanced Data Protection for iCloud: An optional setting that offers Apple’s highest level of cloud data security. If a user chooses to turn on Advanced Data Protection, their trusted devices retain sole access to the encryption keys for the majority of their iCloud data, thereby protecting it using end-to-end encryption. When users turn on Advanced Data Protection, the number of data categories that use end-to-end encryption rises to 23 and includes their iCloud Backup, Photos, Notes and more.
The specific categories of iCloud data protected with end-to-end encryption are listed in the Apple Support article iCloud data security overview.
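The key-handling difference between the two options, as an added example that is not Apple's code: a toy model in Go in which the device generates a per-record key and encrypts locally, escrows that key to the server only under standard data protection, and server-side recovery therefore succeeds in one mode and fails in the other. The Key and Record types, the function names, and the use of AES-256-GCM both as the content cipher and as the key-wrapping primitive are assumptions made for illustration, not Apple's actual formats or algorithms.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)
type Key [32]byte // toy model, not Apple's format: 256-bit AES key; the fixed size is why gcmFor needs no error checks
type Record struct {
	Ciphertext  []byte // content encrypted on the device under a per-record Key
	EscrowedKey []byte // that Key wrapped under the escrow KEK (stands in for the HSM); nil under ADP
}
func gcmFor(k Key) cipher.AEAD {
	block, _ := aes.NewCipher(k[:]) // cannot fail: Key is exactly 32 bytes
	gcm, _ := cipher.NewGCM(block)  // cannot fail for an AES block
	return gcm
}
func seal(k Key, plaintext []byte) []byte { // fresh random nonce, prefixed to the output
	gcm := gcmFor(k)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, plaintext, nil)
}
func open(k Key, sealed []byte) ([]byte, error) {
	gcm := gcmFor(k)
	if n := gcm.NonceSize(); len(sealed) >= n {
		return gcm.Open(nil, sealed[:n], sealed[n:], nil)
	}
	return nil, errors.New("ciphertext too short")
}
// DeviceUpload runs on the trusted device: encrypt locally, escrow the record key only when ADP is off.
func DeviceUpload(plaintext []byte, escrowKEK Key, adp bool) (rec Record, recordKey Key) {
	rand.Read(recordKey[:])
	rec.Ciphertext = seal(recordKey, plaintext)
	if !adp {
		rec.EscrowedKey = seal(escrowKEK, recordKey[:])
	}
	return rec, recordKey // the device keeps recordKey; the server never sees it in clear
}
// ServerRecover models Apple-assisted recovery; it can only work when a key was escrowed.
func ServerRecover(rec Record, escrowKEK Key) ([]byte, error) {
	if rec.EscrowedKey == nil {
		return nil, errors.New("no escrowed key: data is end-to-end encrypted")
	}
	raw, err := open(escrowKEK, rec.EscrowedKey)
	if err != nil {
		return nil, err
	}
	return open(Key(raw), rec.Ciphertext) // raw is authenticated, so it is the 32 bytes that were wrapped
}
```

ServerRecover failing on an ADP record is the point of the model: without an escrowed key, only a device still holding recordKey can decrypt the ciphertext.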