Protecting the end-points is key – and it starts with users

Macworld Australia Staff
16 November, 2015
View more articles fromthe author

Security, apple, mac, ios, macworld australiaAccording to its October 2015 earnings announcement Apple shipped a record 5.7 million Macs – and it’s not just home users that have developed a taste for Apple, with IBM announcing a massive deal as well.

This has been backed up by research California-based cybersecurity specialist Centrify. It quantified that growth recently by sponsoring a survey of more than 1000 business professionals about their use of Apple devices. The results found Apple devices are ubiquitous in the workplace, with 45 percent of connected professionals using them. And while companies own 43 percent of Macs, more than 80 percent of iPhones are owned by employees.

This survey also showed that employees are using their Macs or iPhones just like any other business device, even though many of these devices are personally owned.

Centrify also asked about how Apple devices are managed, which is distinct from the inherent security of the device itself.

The results (shown in the following infographic) show

  • 28 percent of respondents use device management to properly configure and secure Apple devices
  • 35 percent of companies encrypt data on Apple devices
  • 33 percent of users change passwords at least monthly, and
  • 18 percent of password-protected Apple devices – that’s nearly one in five – have never had the password changed.

What’s evident is that both companies and users are exercising poor security practices with Apple devices.  In other words, while the adoption of Macs by business is up the rise, security and management processes aren’t keeping up.

So what can you do about it?

The rise of the cloud, mobility, and consumerisation of IT, make it clear that identity has become the new security perimeter for businesses. The corporate firewall is no longer an effective border.

The user convenience of Single Sign-On – with the corollary benefit of automatic access to authorised network resources – are the carrot that makes the stick of corporate IT security mandates acceptable.

The inherent security capabilities of Macs – and other Apple devices – should not make end users feel complacent about their overall security.

Security measures are often cumbersome and met with resistance or outright defiance from those they are intended to defend. That’s why it’s important to link security measures to benefits for end users.

There are tools, such as Centrify’s Identity Service (CIS) Mac Edition, that allow companies to ensure that end users log into their Mac with corporate credentials defined in Active Directory rather than protecting their Mac with a weak, user-chosen password that never changes.

CIS can also ensure each Mac is protected with full disk encryption, with central management of the encryption keys needed for Apple’s FileVault 2 full disk encryption feature.

These benefits for IT security are balanced with making sure the end user has easy access to all of the tools they need to get their jobs done. This ensures the right applications, files, network and other resources are available every time they sit down to get work done – all accessed by a Single Sign-On.

The key to successful integration of Macs within a business is not to lock them down, but to welcome them with tools that fill the needs of users and administrators.

Reviews of major security breaches in 2014 identified that nearly half related to compromised credentials. And it’s worth noting every single security breach, ultimately, results from the breach of an end-point device.

That’s why effective identity management for the Macs in your business is essential unless you want to risk sharing the inglorious hacker limelight with corporate targets such as Home Depot and Ashley Madison.

Leave a Comment

Please keep your comments friendly on the topic.

Contact us