Story image

Unsecure Apple devices a 'huge' liability

01 Sep 2015

A lack of security and management of Apple devices in the workplace is exposing businesses to significant liabilities, according to new research from cyberthreat firm Centrify.

Nearly half (45%) of workers surveyed use at least one Apple device for work purposes, the survey found. 

A majority of those Apple devices (63%) are owned by the user as opposed to the company and are used to access work email, corporate documents and business applications.

According to the research, 59% of Macs are used to access confidential company information, while 65% of Macs are used to access sensitive or regulated customer information.

The survey found 51% of iPhones in the workplace are used to gain access to business applications, and 58% of iPads in the workplace are used to gain access to business applications.

Despite the popularity of Apple devices in the workplace, Centrify says businesses do not invest enough resources to secure or manage them.

Over half (51%) of all devices are secured by a password that is merely a single word or a series of numbers, the research shows. Most devices (58%) also do not have software installed to enforce strong passwords.More than half (56%) of users report sharing their passwords with others.

Only 17% of Apple devices have a company-supplied password manager, and only 28% of Apple devices have company-provided device management solutions installed.

The research found only 35% of Apple devices have encryption of stored data enforced by their company.

“Centrify’s Apple survey spotlights the massive exposures that occur when devices do not comply with standard corporate security policies,” explains Bill Man, chief product officer, Centrify.

 “In particular, customer data represents a huge liability. Disclosure of regulated information such as healthcare records could expose corporations to fines and other legal action,” he says. 

“Most importantly, there are solutions on the market today that can handily secure Apple devices without sacrificing user productivity. It’s time for IT to take action.”

Centrify says ultimately there is no discernable correlation between password strength and sensitivity of information accessed or accessible from a particular device or user.

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.