Apple Security in the Enterprise: Safer, Not Perfect

    Slide Show

    Data Loss Prevention: 5 Reasons You Need to Step Up Your Game

    In general, Apple is given credit for an overall approach that is more secure than Android’s. That common wisdom has slowed Android in the enterprise.

    It is important to note, however, that Apple is not perfect in its approach to keeping devices and data safe. In some cases, the problem isn’t Apple itself – it’s the tendency of employees to disregard security.

    This week, Centrify released a study it commissioned Dimensional Research to conduct. The firm found that only 28 percent of 2,249 U.S. workers queried who use Apple products have mobile device management (MDM) software installed and only 35 percent of those devices encrypt corporate data.

    The survey found that 45 percent of the respondents use an Apple device at work. A majority of those, 63 percent, are personally owned and access business applications, vocational email and corporate data, according to Datamation. The survey showed a lackadaisical attitude toward security: For instance, only 17 percent have an onboard password manager from the employer.

    This background at 9 to 5 Mac is useful as Apple continues to try to grow its slice of the enterprise pie. IBM has been working with the company for about a year on its Mobile First Managed Mobility Services program that aims to push Apple deeper into businesses.

    Earlier this month, Big Blue launched a cloud service aimed at facilitating enterprise deployment of Macs with custom apps. The program, according to ZDNet, includes integration services; delivery of customized and ready-to-go Macs to employees; settings to internal networks, business apps and email; and the JAMF Software Casper Suite. There is also an on-premise option. Security no doubt is part of the offering, which of course is a good thing.


    Apple’s reputation for good security notwithstanding, issues arise. Last week, AppleInsider reported that a sandbox hole created a situation in which devices operating in managed environments could leak configuration and credential data to separate other third-party apps. The vulnerability, dubbed Quicksand, was discovered by Appthority.

    The story explains the exploit and suggests that challenges remain despite the fact that the problem was patched in iOS 8.4.1:

    Appthority worked with Apple to patch the problem in iOS 8.4.1, but the security firm says that as many as 70 percent of enterprise iOS devices are not updated for months after a new iOS version is released. For corporate administrators who are unable to update iOS, Appthority recommends that they reconsider storing sensitive data in the managed app configuration system and use other means — such as custom URL schemes — to provision the data after app installation.

    Apple continues to try to improve its position in the enterprise. It is important to remember that despite the lingering general feeling that iOS-based devices are safer than their Windows and Android counterparts, the same vigilance must be paid to security.

    Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at [email protected] and via twitter at @DailyMusicBrk.

    Carl Weinschenk
    Carl Weinschenk
    Carl Weinschenk Carl Weinschenk Carl Weinschenk is a long-time IT and telecom journalist. His coverage areas include the IoT, artificial intelligence, artificial intelligence, drones, 3D printing LTE and 5G, SDN, NFV, net neutrality, municipal broadband, unified communications and business continuity/disaster recovery. Weinschenk has written about wireless and phone companies, cable operators and their vendor ecosystems. He also has written about alternative energy and runs a website, The Daily Music Break, as a hobby.

    Latest Articles