Get in Touch

  • Email Us
  • INTL 001.562.252.3789
    USA 800.430.4095
Hal Licino

iCloud Could Rain Data Security Violations on Email Marketers

Jun 23 2011, 04:58 PM by

The iCloud has been welcomed with typical Apple-evangelist enthusiasm across the iWorld, but there is one group of users looking at the new development as a nebulous harbinger of iStorms to come. Enterprise IT administrators have expressed dismay at Apple’s lack of security requirements for data stored in the cloud, as well as the inability of the user to be able to block the upload of any specific content to Apple’s servers. This is not an esoteric factor that only concerns MIS managers at multinational corporations, as any email marketer with employees utilizing iDevices could find themselves in a real compliance iMess.
Every Opened Files Ends up in the iCloud
Let’s examine this scenario: You send to one of your employees a Word, Excel or PowerPoint document containing a handful of names and email addresses from your list so that they might review their behavior, customer service issues or any other factors. The employee opens the email attachment on an iPad which automatically launches Apple’s corresponding app: Pages, Numbers or Keynote. The second that file is opened, a copy is uploaded to Apple’s servers. Once your employee has finished the work, they send the work file back to you but their version of the document remains in the iCloud.
iCloud Safe? Hackers Have Cracked the CIA!
Since the hackers have managed to crack into the CIA’s own website, it is fairly certain that all the juicy information floating around in the iCloud will pose little challenge. However, even if we ignore the possibility of exposure through a LulzSec type of penetration into your online files, a predominance of international email legislation including the massive European Union (EU) require that every single byte of personal information be irrevocably deleted upon customer request. Complying with such a request is difficult enough when your own server backups are taken into consideration, but when your customer data may be peppered throughout the iCloud in various employee accounts, that data has completely escaped your control.
iCloud Data Insecurity Violates EU Regulations
Another troublesome aspect of the iCloud is that any file becomes automatically accessible to all of that user’s linked devices, so a file opened on an employee’s iPad immediately becomes available to their kids playing on their Mac at home, their spouse who is using their iPhone, and so on. The EU and other national regulations are extremely clear in placing responsibility for all customer data with the original marketer, and allowing any of it to end up in the iCloud accessible by a variety of non-employees could be deemed a serious violation subject to massive fines.
iCloud Users Cannot Segregate Work Data
At this time there seems to be no way for users to segregate work data from personal files and thus everything will be uploaded indiscriminately into the iCloud. To be fair, Google Docs and effectively every other cloud service incorporate similar chasms in data security. However, iOS is the world’s third most used operating system after Windows and Mac OS X, and with the universality of adoption of the iCloud in all iOS devices data security on any file opened on an iDevice has essentially evaporated. Personal customer data could very easily find itself in the iCloud, passed onto other Apple devices used by friends and family, forwarded on to who knows who, and show up in the darndest places.

Should email marketers outright block internal use of the iCloud? There seems to be no easy way to do so, given the proliferation of iDevices. When you send an email there is no easy way to block it from being read on an iDevice, so establishing a company policy that emails be read only on non-cloud-able computers could be nearly impossible to enforce. The only even remotely feasible policy is to place a firm moratorium on the internal emailing of any information that pertains to any of your clients, but even that would be highly impractical. Your staff needs to access various aspects of identifiable client data and unfortunately there seems to be no reasonable way to avoid that information from landing in the iCloud.

Posted in Tips & Resources, Email Marketing News

Related Blogs