![](\"https:\/\/images.techhive.com\/images\/article\/2017\/01\/iphone-enterprise-100702813-large.3x2.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Jonny Evans| Date: Fri, 15 Dec 2017 06:47:00 -0800<\/strong><\/p>\n Apple and Cisco have struck yet another blow for enterprise IT. They know that iOS is the most secure mobile solution, but that\u2019s not everything because mobile threats are incredibly complex these days.<\/p>\n Here\u2019s a scenario<\/em>: You work in an enterprise with perhaps 1,000 other employees. One morning, perhaps 50 of you woke to find an authentic-seeming email in your in-box that requests you click on a link to update some system related to the work you do. While many employees remembered not to click on that link, a small number did click. No one thought too much of the email \u2014 spam is frequent and most just thought the mail was aimed at them.<\/p>\n It wasn\u2019t.<\/p>\n The attack was planned, and the attackers have now gathered a little more detail about some of the company\u2019s employees, including passwords.<\/p>\n This information helps attackers figure out password structure and perhaps enables them to create a new collection of exploits that use those stolen details to help penetrate a little deeper into the enterprise\u2019s IT systems.<\/p>\n They will be looking for secrets they can sell, dollars they can steal, and data they can abuse. They may even be sitting in local coffee shops using Wi-Fi network sniffers to monitor and crack inside the enterprise systems when accessed by employees on their lunch break.<\/p>\n What\u2019s happened here is that while conventional security systems can protect end users against a lot of things, it\u2019s less great at protecting against multi-faceted threats.<\/p>\n Apple\u2019s iOS devices are now deeply entrenched in enterprise IT.<\/p>\n Already, over 70 percent of enterprise users provide employees with mobile devices, but conventional security methods don\u2019t necessarily notice all the different attacks that do exist. The recently identified Blueborne<\/a> Bluetooth vulnerability is a good example of an attack that existing security protections probably wouldn\u2019t recognize.<\/p>\n It\u2019s important to note that lots of enterprises use iPhones and iPads because Apple\u2019s devices are still the most secure in the industry.<\/p>\n That platform proliferation means attackers who do succeed in undermining that security could make a lot of money. That\u2019s why it is a little strange that Apple pays just $200,000 to people who identify vulnerabilities on its platforms, \u00a0even while private firms pay $500,000 for the same information<\/a>. There\u2019s money at stake and no one should be complacent.<\/p>\n The big problem is that some attacks are quite transparent. Most of us would not even be aware they were taking place.<\/p>\n They happen at a deep device level that doesn\u2019t seem to interfere with our user experience, and they are not easily spotted by more traditional security protections.<\/p>\n That\u2019s why the Apple\/Cisco deal<\/a> makes so much sense. To help better protect iOS devices against attack, Cisco has introduced Security Connector, an app that monitors network activity on devices, without any significant impact on device performance or battery life. Cisco\u2019s iOS security app offers security functionality from\u00a0Cisco Umbrella<\/a> and\u00a0Cisco Clarity<\/a>.<\/p>\n “Ransomware and malware are spreading across the internet and increasingly targeting mobile devices. Together with Apple, we are helping enterprises become the most connected, collaborative, and secure businesses in the world,” said David Ulevitch, senior vice president and general manager of Cisco’s Security Business Group.<\/p>\n There\u2019s a Cisco blog that tells you a little more about how this works here<\/a>, but at its simplest if one of those employees at the top of this story had clicked a phishing link, Security Connector would have prevented the connection.<\/p>\n