Unsecure Apple devices a 'huge' liability
A lack of security and management of Apple devices in the workplace is exposing businesses to significant liabilities, according to new research from cyberthreat firm Centrify.
Nearly half (45%) of workers surveyed use at least one Apple device for work purposes, the survey found.
A majority of those Apple devices (63%) are owned by the user as opposed to the company and are used to access work email, corporate documents and business applications.
According to the research, 59% of Macs are used to access confidential company information, while 65% of Macs are used to access sensitive or regulated customer information.
The survey found 51% of iPhones in the workplace are used to gain access to business applications, and 58% of iPads in the workplace are used to gain access to business applications.
Despite the popularity of Apple devices in the workplace, Centrify says businesses do not invest enough resources to secure or manage them.
Over half (51%) of all devices are secured by a password that is merely a single word or a series of numbers, the research shows. Most devices (58%) also do not have software installed to enforce strong passwords.More than half (56%) of users report sharing their passwords with others.
Only 17% of Apple devices have a company-supplied password manager, and only 28% of Apple devices have company-provided device management solutions installed.
The research found only 35% of Apple devices have encryption of stored data enforced by their company.
“Centrify’s Apple survey spotlights the massive exposures that occur when devices do not comply with standard corporate security policies,” explains Bill Man, chief product officer, Centrify.
“In particular, customer data represents a huge liability. Disclosure of regulated information such as healthcare records could expose corporations to fines and other legal action,” he says.
“Most importantly, there are solutions on the market today that can handily secure Apple devices without sacrificing user productivity. It’s time for IT to take action.”
Centrify says ultimately there is no discernable correlation between password strength and sensitivity of information accessed or accessible from a particular device or user.