I received a question from a longtime reader asking me how comfortable I was with Wi-Fi synchronizing of apps versus using a cloud method. It’s a legitimate question; suddenly all our private data, normally kept within our own local network, is now being sent out to the Internet for (potentially) all to see. How safe is the data we’re putting out there?
iCloud automatically encrypts your data as it is copied, so anything flying through the airwaves is not likely to be grabbed by someone with a packet sniffer. With wireless networking, however, the encryption has to be set up when the network is created. If you have a wireless network that does not require a password to connect to it, there is no encryption of the data as it passes over the wireless. If you’re not the person who set up the network, the encryption level is out of your control. (Some applications may do their own encryption, but the network itself does not.) While an open network is sometimes okay for the average home user, a business should never use an unencrypted wireless network for transmitting data.
Of note was 1Password—where it used to require local syncing, now it can sync via Dropbox. How safe is this? Dropbox uses the same level of encryption used by financial institutions, i.e. Secure Sockets Layer (SSL) and AES-256 bit encryption. In addition, 1Password uses encryption for your password file. The only way to unlock the file is with your master password. Rather than re-explain it, here’s the info from Agile’s page.
In the case of iCloud, your data is encrypted both in transmission and storage, most likely using your Apple ID’s password as part of the encryption key. Apple’s article about it is here. In theory, anything you put up on iCloud is secure enough for most people. If you are seriously concerned about privacy, you can always use some other encryption program on your files before sending it to the cloud (regardless of whose cloud you use.) This would probably only apply to documents; I can’t think of any reason why music files would need to be encrypted. This does not apply to Wi-Fi sync via iTunes however—anything you sync between your computer running iTunes and your iOS device is subject to the same encryption (if any) as is used by your wireless network.
Personally, I use both Wi-Fi sync for my iPhone as well as iCloud for keeping all my stuff the same across systems. The key part is that at some point, you have to place your trust in the company providing the service. Apple created not only our Macs, but also the OS we’re using, and we trust that they aren’t putting in any backdoors to collect our stuff. (If they were, you can bet that it would be all over the news.)
Security is a big buzzword now; where people years ago knew nothing and cared less, now everyone is aware that data needs to be protected (some even tipping towards the fanatical side). On the other hand, we have always suspected that Google and Facebook are collecting private information, yet we continue to use them regularly. One would assume Apple would never risk its reputation by intentionally collecting personal data.
In my mind, it’s really no different than handing your credit card to a restaurant server. How do you know that card isn’t being taken into the back room and copied for later use? Restaurants are places that have been in existence for years, so there is an inherent trust. Large computer companies that have been in business for as long as Apple and Microsoft tend to garner trust in its users (although you will always have the conspiracy theorists who assume ANY large corporation is up to no good.)