Apple’s security landscape: entering the world of enterprise risk

You can’t attend Transform 2022? View all summit sessions in our on-demand library now! See here.

Apple devices not immune to hacks, but over the years they seem to have happened. While other vendors like Microsoft face the brunt of complex exploits targeting the enterprise market, macOS and iOS don’t face the same level of pressure as a consumer-focused vendor. use.

However, this seems to be changing. During the height of Pandemic caused by covid-19, Atlas VPN reported that Apple product vulnerabilities increased by 467% in the second half of 2021 to 380 exploits.

Likewise, this year alone, there have been eight publicly disclosed zero-day vulnerabilities used in attacks on the Internet. Iphone and Mac devices. Most recent, CVE-2022-32917allowing an attacker to run malicious code on a user’s device with kernel privileges.

While no vendor is immune to security vulnerabilities, Apple devices are becoming a bigger target for cybercriminals to exploit, especially when they infiltrate enterprise environments.


MetaBeat 2022

MetaBeat will bring together thought leaders to deliver guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.

register here

How the threat landscape is changing for Apple

The increase in vulnerabilities during the COVID-19 pandemic is notable because it comes at the same time that Apple devices are starting to gain more adoption in enterprise networks.

That same year in 2021, IDC shows that the average penetration of macOS devices in businesses with 1,000 or more employees has increased to 23% from 17% in 2019. This happens when organizations accept to work from remote and allow employees to use personal devices to work from home.

It is important to note that this increase also occurred shortly after the release Apple M1 chip in November 2020 – Apple’s first computer chip designed in a high-bandwidth and low-latency provider – sets a Mac all-time revenue record of $9.1 billion in Q2 2021 .

In any event, the rise in enterprise adoption has changed the threat landscape for Apple and made the vendor a greater target for threat actors who see devices this as a potential entry point to access protected information.

“Attackers will go where their target is, which in turn leads them to Apple,” said Jeff Pollard, vice president and principal analyst at Forrester. “As more business users adopt Apple hardware and services, attackers will follow that trend and react accordingly. Apple software and hardware will continue [to] facing attacks becomes more frequent – and innovative – over time as adoption rates increase. That is one of the side effects of the high adoption rate.”

With Apple M2 chip Recently announced at Apple’s WWDC 2022 conference on June 6, it is likely that business interest in vendor solutions will increase.

So, what is the risk?

At this stage, while the exploitation of Apple devices is increasing, the level of risk is not necessarily higher than that of any other software vendor. Number of zero-day vulnerabilities appearing from Apple has increasedbut it’s still far behind Microsoft.

Follow CISA List of Known VulnerabilitiesMicrosoft has 242 exploited vulnerabilities since the beginning of 2022, compared with 50 for Apple and 43 for Google.

While this is to be expected given Microsoft’s history as the most dominant enterprise vendor in the market, with threat actors working around the clock to target and exploit products in the ecosystem Microsoft.

However, Apple also had to deal with an issue where MIT researchers discovered an inaccessible flaw in the Apple M1 chip, called PACMAN. The exploit allows hackers to perform a new hardware attack that disables the Apple M1 chip’s pointer validation mechanism to prevent it from detecting software bug attacks.

The severity of this vulnerability is debatable, no attacks have been recorded using the vulnerability, and Apple has stated that, “this issue does not pose an immediate risk to our users and is not sufficient to bypass operational security protections on its own.”

More broadly, there is research showing that the Mac has inherent security resilience.

After being authorized by Apple in 2019, Forrester conducted an online survey of 351 security leaders from businesses across the US, UK, Canada, Germany, and Australia to assess the total economic impact of Mac deployments in the workplace. The survey shows that Mac implementations can really boost security.

One of the report’s key findings was that the risk of a data breach was reduced by 50% per Mac deployed. During the survey, interviewees cited built-in security features such as automatic data encryption, anti-malware and easily enroll in mobile device management (MDM) technology to help maintain their security posture.

Likewise, the organization is aiming to strengthen its resiliency with new security features in iOS 16, providing users with passwordless authentication options in the form of Passkeys to secure protection against credential theft, as well as Lockdown mode, a new security feature designed to provide “special extra protection for users who may be at high risk of highly targeted cyberattacks”.

Lockdown mode makes it the kind of message attachments and FaceTime blocked calls and disabled link previews, complex browsing technologies like just-in-time JavaScript (JIT) compilation, and wired connections (when iPhone is locked).

The real risk: Personal devices and teleworking

The main risk surrounding these devices lies in the fact that they are often used as personal devices.

Parallels Research shows that among organizations that allow Mac devices in the workplace, 26.3% do so as part of a bring your own device (BYOD) policy, while 29.4% do as part of your opt-in device policy (CYOD). This means that there is a clear lack of integration with the organization’s broader endpoint management strategy.

Such devices are not directly maintained by security teams who may be responsible for patching and managing them, but by employees, whom organizations must trust to download files latest patches and maintain security conscious behaviors.

As a result, security leaders need to realize that the rise in exploitation of Apple devices should be mitigated by strong controls over what personal devices are allowed in the workplace. jobs and what resources they are allowed to access. Failure to do so greatly increases the risk.

A Malwarebytes survey found that 20% of organizations face security breaches as a result of remote employees, which are highly likely potential entry points that can and will be exploited.

Minimize risk to Apple personal devices

All in all, businesses can mitigate threats to devices by enabling automatic updates and ensuring that devices remain patched and up-to-date. The challenge is to make sure employees are installing these patches.

Therefore, businesses need to define clear policies on the use of personal devices. While a complete ban on personal devices is impractical for many employees working from home, there must be clearly defined boundaries regarding the types of resources and data resources that employees can access. access.

For employees using devices to work from home, mobile device management solutions like Jamf and Microsoft Intunecan help security teams manage multiple Apple devices from a single location to ensure that each system is patched and not vulnerable.

“Device management is really the first step in building a layer of defense to protect mobile workers and sensitive business data,” said Michael Covington, vice president of portfolio strategy at Jamf. that they access on the go. “MDM solutions can help ensure devices are configured securely, that they are running the most up-to-date operating system and have the latest security patches, and configure security requirements. password and secure Wi-Fi settings”.

Covington also notes that these tools can be used to install endpoint security solutions to remote devices and provide a policy enforcement point for taking actions to mitigate threats. threats, such as isolating compromised devices.

VentureBeat’s mission is a digital city square for technical decision-makers to gain knowledge of transformative enterprise technology and transactions. Explore our summary report.

Source link


Goz News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably.

Related Articles

Back to top button