According to researcher and iOS security veteran, Jonathan Zdziarski (@jzdziarski) —
Upon receipt of a valid search warrant, Apple can extract certain categories of active data from passcode locked iOS devices.
…only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data.
However, there are services present that
give enterprises access to corporate devices. These back doors are in your phone’s firmware, whether it’s company owned or not, and their security mechanisms are likely also within the reach of others, such as government agencies or malicious hackers.
with today’s BYOD culture, employees may be unknowingly allowing their personally-owned devices to be forensically accessible to a company’s internal investigations team (as well as law enforcement, with the enterprise’s consent) by simply enrolling it into the corporate MDM policy. Additionally, new employees that are issued devices may be permitted to retain personal information on their corporate device without first being informed that their devices could, at any time, be subject to a thorough search that bypasses security.
The bottom line is that you should be aware of pairing your device. If you pair your device with an Enterprise MDM, your personal data has a greater risk of being tapped.
Jonathan makes a great point in conclusion, and that is
Apple would do well to begin separating consumer firmware from enterprise firmware, to offer a hardened version of its operating system to consumers. This (and other enterprise back doors) introduced into iOS over the years threaten to weaken the overall security of the device for the majority of consumers (who never enroll in an enterprise environment).
I can’t agree more.
[Updated, 7/23/14] Apple responds here.