Building a slide deck, pitch, or presentation? Here are the big takeaways:
- An update to the iOS Security Guide confirms Apple is using Google Cloud Platform for data storage.
- Previous versions of the report named Microsoft Azure, though these references were removed in the new release.
A recent update to the iOS Security Guide, a white paper published by Apple for developer reference, confirms for the first time that file storage in iCloud is handled (at least, in part) by Google Cloud Platform.
The passage, found on page 53 of the iOS Security Guide, notes:
The service is agnostic about what is being stored and handles all file content the same way, as a collection of bytes.
Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk’s contents that utilizes SHA-256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as S3 and Google Cloud Platform.
According to a report from CNBC, previous versions of this document indicated the use of both Amazon S3 and Microsoft Azure. While this marks the first time that Google Cloud Platform was named as a third-party storage provider, this document had previously also listed Microsoft Azure as a provider, though the absence of this mention does not necessarily indicate that Azure’s role in Apple’s hybrid cloud architecture was diminished.
SEE: EU General Data Protection Regulation (GDPR) policy (Tech Pro Research)
Rumors that Apple had started migrating to Google Cloud first came about in March 2016. At the time, it was reported that Apple would spend between $400 and $600 million dollars in a move to diversify away from Amazon Web Services (AWS). The update to the iOS Security Guide naming Google was published this January, the previous version was issued in March 2017. From the document, it is unclear when Apple started using Google Cloud Platform services, and if services other than storage are being used.
Scrutiny of iCloud operations has increased in recent weeks. In January, Apple announced the transfer of operational responsibility for iCloud in China to Guizhou-Cloud Big Data Industry Development, an organization owned by the Guizhou provincial government in southern China. This transfer–which will go into effect on February 28th–was made to comply with a cybersecurity law enacted in the country last June.
As part of this, Apple plans to store the encryption keys for iCloud accounts within China as well, a move which has prompted criticism from human rights groups. According to a report from our sister site CNET, “The company says it will hand over data only in response to valid legal requests from Chinese authorities and that it hasn’t built in any backdoors for access.” In the second half of 2017, Apple had removed hundreds of VPN apps from the App Store in China, at the behest of the Chinese government.
The changes to iCloud operations in China do not affect users outside of China.