iCloud security overview
iCloud stores a user’s contacts, calendars, photos, documents, and more and keeps the information up to date across all of their devices automatically. iCloud can also be used by third-party apps to store and sync documents as well as key values for app data as defined by the developer. Users set up iCloud by signing in with an Apple ID and choosing which services they would like to use. Certain iCloud features, such a iCloud Drive, and iCloud Backup can be disabled by IT administrators using mobile device management (MDM) configuration profiles.
iCloud uses strong security methods and employs strict policies to protect user data. Most iCloud data is first encrypted on the user’s device, using device-generated iCloud keys, before being uploaded to iCloud servers. For data that isn’t end-to-end encrypted, the user’s device securely uploads these iCloud keys to iCloud Hardware Security Modules in Apple data centers. This allows Apple to help the user with data recovery, and decrypt the data on the user’s behalf whenever they need it, (for example, when they sign in on a new device, restore from a backup, or access their iCloud data on the web). Data moving between the user’s devices and iCloud servers is separately encrypted in transit with TLS, and iCloud servers store user data with an additional layer of encryption at rest.
Encryption keys, when available to Apple, are secured in Apple data centers. When processing data stored in a third-party data center, these encryption keys are accessed only by Apple software running on secure servers, and only while conducting the necessary processing. For additional privacy and security, many Apple services use end-to-end encryption, which means the user’s iCloud data can be accessed only by the users themselves, and only from the trusted devices where they are signed in with their Apple ID.
Apple offers users two options to encrypt and protect the data they store in iCloud:
Standard data protection (the default setting): The user’s iCloud data is encrypted, the encryption keys are secured in Apple data centers, and Apple can assist with data and account recovery. Only certain iCloud data—14 data categories, including Health data and passwords in iCloud Keychain—is end-to-end encrypted.
Advanced Data Protection for iCloud: An optional setting that offers Apple’s highest level of cloud data security. If a user chooses to turn on Advanced Data Protection, their trusted devices retain sole access to the encryption keys for the majority of their iCloud data, thereby protecting it using end-to-end encryption. When users turn on Advanced Data Protection, the number of data categories that use end-to-end encryption rises to 23 and includes their iCloud Backup, Photos, Notes, and more.
The specific categories of iCloud data protected with end-to-end encryption are listed in the Apple Support article iCloud data security overview.