Maybe some might feel that way at first, but it’s also an opportunity and responsibility to educate.

This problem is why enterprise contractual agreements and large compliance systems exist for companies at this scale. Large hosting providers like AWS, Azure, GCP, etc. provide an ability to scale and assurances about risk mitigation, privacy, and availability that are much more viable than each company having to maintain their own private in-house fleets just to create an additional illusion of privacy/security that’s actually no better than tight contractual controls to begin with.

Maybe they need to explain this properly, but servers don’t magically have a lower level of risk just because they’re behind your four walls. In fact, if you lack the experience and expertise, the risk is almost certainly higher depending on your threat model. (And for Apple, their threat model is at the nationstate level. They don’t choose their hosting providers lightly.)