Traditionally, the Apple ecosystem has been viewed as “safe” for security-minded enterprises. However, changing work environments and threat landscapes mean that organisations can’t rely purely on vendors to preserve their changing perimeter’s security.
Under new ways of working, traditional forms of implementing security for user devices aren’t always suitable. Often, they don’t account for the fact that:
- Most of today’s workloads are cloud-hosted
- Apps are everywhere and used ubiquitously
Another shift in dynamics concerning device provisioning is that users now expect a more considerable say in what devices they use and how they use them.
As millennials join the workforce and climb the corporate ladder, they are pushing for the adoption of Apple devices and ecosystems. Macs now own 44% of the enterprise device market and are growing faster than competitors. BYOD is also becoming more sought-after as users prefer familiar and consistent experiences.
Obstacles to Enabling a Secure & Modern Workplace
Unsurprisingly, introducing new devices into changing working environments brings a host of challenges. Businesses have to manage increasing risk levels without introducing measures that impact the user experience or productivity.
Most users use multiple devices, which introduces a whole range of metrics to track for management and security, including:
- What devices and how many form part of your network?
- What is their condition?
- What hardware or software versions do they run? Are there any concerns regarding outdated software with potential security exploits?
- Are users maintaining proper cybersecurity hygiene on their devices? For example, strong passwords, SSO, unauthorised apps, etc.
Due to these changing conditions and the dissolution of traditional security perimeters, hackers target users as low-hanging fruit. Threat actors directly target endpoints to locally exploit devices and users and to gain access to the larger organisation’s network.
Macs and Cybersecurity
of infections involved known malware
was new malware by a known attacker
were completely zero-day malware
The heightened threat landscape has arrived during a challenging period for enterprise cybersecurity:
- 61% of users have allowed friends or family members to use their work devices – Companies need to set dynamic acceptable use policies to clearly inform users what is and isn’t permitted on work devices.
- 28% of corporate devices are running a vulnerable OS – Outdated software with known vulnerabilities is one of the most common lines of attack for threat actors.
- Only 37% of companies report using whole-disk encryption – If devices aren’t fully encrypted, some data will constantly be exposed. In 90% of cases, stolen devices cannot be adequately classified because of this lack of encryption.
- Remote workers are 26x more likely to fall victim to cyberattacks – Remote users bring additional security, regulatory, compliance, and financial risk.
With growing networks and work-from-anywhere policies, cyber attackers have a larger potential surface area to attack than ever.
Considering all this, it’s no surprise that human error is the leading cause of 82% of successful cyberattacks. Far from merely impacting individuals, these often lead to disruptive attacks against the business, like ransomware or DoS (Denial of Services) attacks.
Realise the Mobile is not Risk-Free
There is also the misconception that mobile cyber threats are less prevalent. However, 60% of security professionals believe that the real issue is that mobile malware simply goes unreported. For example, research by Jamf shows that many types of malware are pervasive in mobile apps:
Furthermore, the fact that mobile devices are “always-on” also means that they are “always vulnerable.” Attackers will try a broad range of vectors to compromise these devices, from general malware to OS exploits to highly targeted attacks. This means that organisations require a comprehensive and defensively layered cybersecurity solution
How to Securely Configure Enterprise Devices
There is a concerted effort from cyber industry leaders, businesses, government, and public interest groups to define best practices for enterprise security and compliance. Numerous standards exist to help companies to advance their cybersecurity maturity levels, such as GDPR (General Data Protection Regulation), Cyber Essentials, and CIS (Center for Internet Security) benchmarks.
However, in broad strokes, here are the essential measures organisations should aim to put in place:
- Acceptable Use Policies: Define and communicate how, when, where, and why corporate devices can be used. This includes what content users can access, who can use the device, and what applications they may install.
- Cellular Usage Controls: Unconstrained mobile service usage can lead to financial risk (bill shock) and an interruption of service.
- Shadow IT: The use of unauthorised applications can lead to company data being mishandled outside the security perimeter. Organisations must address this via security policies.
Jamf specialises in management and security for Apple devices. The company acquired Wandera to help expand its security portfolio but still focuses on being an Apple-best management and security provider.
Jamf has been active for over 20 years. Their close relationship and synergy with the Apple ecosystem are some of the reasons they were able to detect 36% of new malware infections that other vendors missed.
This hyper-focus also means Jamf has developed the capability to detect a wide range of Apple-targeted malware threats for both PCs and mobiles.
Jamf aims to empower users by giving them immediate access to the latest features without incurring additional security risks. It’s the only organisation offering same-day support for major and minor releases.
Get in touch to find out more about securing your Apple suite of devices.