{"id":18166,"date":"2022-02-02T12:30:08","date_gmt":"2022-02-02T20:30:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/02\/02\/news-11899\/"},"modified":"2022-02-02T12:30:08","modified_gmt":"2022-02-02T20:30:08","slug":"news-11899","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/02\/02\/news-11899\/","title":{"rendered":"Jamf CEO weighs in on Apple deployments and enterprise security"},"content":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Thu, 27 Jan 2022 08:34:00 -0800<\/strong><\/p>\n

\u201cApple will become the number one device ecosystem in the enterprise by the end of this decade,\u201d Jamf CEO Dean Hager told me while introducing an in-depth enterprise security trends report<\/a> that enterprises should look at.<\/p>\n

The nature of enterprise IT is rapidly becoming multiplatform. Jamf recently shared some details<\/a>\u00a0concerning the rapid growth in Apple device deployments<\/a>\u00a0it is seeing in business.\u00a0For example, it now has 60,000 active customers, up from 36,000 two years before that \u2013 and believes new services such as Apple Business Essentials<\/a> will help maintain this growth.<\/p>\n

\u201cApple continues to see incredible growth in the enterprise,\u201d said Hager. “I believe that due to Apple\u2019s broad range of devices, combined with the consumerization of IT and the changing demographics of today\u2019s workforce and their strong preference for Apple, that Apple will become the No. 1 device ecosystem in the enterprise by the end of this decade.”<\/p>\n

The rapid deployment of Apple\u2019s solutions in business<\/a>\u00a0has also increased the number of security threats thrown at the company\u2019s platforms. But part of that growth during the last two years reflects efforts to equip employees to work from home as companies sought to survive the pandemic.<\/p>\n

With that growth came consequences.<\/p>\n

Some firms relaxed existing security policies to make way for enablement \u2014 allowing users to access corporate resources from whatever personal devices they had at home, or providing them with new devices the organization wasn\u2019t already supporting.<\/p>\n

\u201cThe more variety you have in your\u00a0device fleet, the more OS versions you have to manage,\u201d said Hager.\u00a0\u201cAs a result, [there are] more OS vulnerabilities you need to be monitoring…. IT teams have gone from managing a more uniform fleet of Windows desktop computers, to supporting Windows, Mac, Android, iOS, iPadOS, and more.\u201d<\/p>\n

The Jamf report<\/a> confirms the risks of this rapid transformation: in 2021, 39% of organizations allowed devices with known OS vulnerabilities to operate in a production environment with no restrictions to privileges or data access, up from 28% in 2020, it said.<\/p>\n

Cybercriminals are also migrating to Mac.<\/p>\n

Phishing and spear-phishing attempts became much more frequent as the world locked down; 29% of organizations had at least one user fall for a phishing attack last year, the Jamf report explains \u2014 though this was across every platform, not just Apple’s. \u00a0<\/p>\n

The data also shows that an astonishing one in 10 users fell victim to phishing attacks on remote devices.<\/p>\n

I asked Hager what kind of growth his company sees in terms of Mac malware attempts and how targeted phishing attacks are becoming around Apple platforms.<\/p>\n

\u201cOver the course of 2021, our team\u00a0discovered malware authors are spending significant amounts of effort to attack Macs by finding\u00a0new zero-day vulnerabilities<\/a> and exploiting those within their malware.\u00a0Malware implementing zero-day bypasses show us that attackers are getting more capable and knowledgeable about macOS and\u00a0that they find value in taking the time to build these exploits into their tooling.\u201d<\/p>\n

He confirmed the prevalence of Apple-themed attacks, in which attackers use fake Apple-branded emails in attempts to capture information from Apple users as they seek to subvert the locked-down security of Macs, iPhones, and iPads.\u00a0Traditional anti-phishing protections use blocks based on static lists of known phishing domains, but this is of limited protection because such attacks proliferate fast.<\/p>\n

\u201cPhishing is dynamic and new domains are being launched constantly, so it\u2019s very hard to keep these phishing lists up to date,\u201d said Hager.<\/p>\n

His company now offers zero-day phishing detection that uses machine-learning algorithms to detect phishing domains within seconds of them being launched.<\/p>\n

All the same, online, the best protection is educating employers.\u00a0Jamf trains its own to be able to spot attacks and encourages employees to share any experiences they may have of such attacks, rather than remaining silent.<\/p>\n

\u201cPhishing attacks just keep getting harder and harder to recognize,\u201d and employees need to help each other, he said.<\/p>\n

Hager stressed the need to support employees, rather than punish those who are attacked.<\/p>\n

\u201cPunishing employees for falling victim to an attack is not recommended and here\u2019s why: often when social engineering takes place, there is a period of time between attack and compromise. If the incident is reported right away by the employee, there\u2019s a chance your security team can mitigate the risk of any further damage,\u201d he said.<\/p>\n

\u201cFor example, if an employee has their work credentials stolen in a phishing attack, an informed security team can take steps to block access to accounts, update passwords, freeze bank accounts, etc. Without that knowledge, the attack can move quickly and result in a very damaging data breach.\u201d<\/p>\n

The problem with blame culture is that in the event of a problem, \u201cemployees will likely not feel empowered or safe enough to come forward with that important information,\u201d he explained.<\/p>\n

But even in a blame-free culture, enterprises must introduce increasingly intelligent protection around end-points.\u00a0<\/p>\n

\u201cYou need in-network capability to block the connection being made to a malicious website, to prevent installation of malware, to prevent data exfiltration, to identify and block an unencrypted transfer of sensitive data, etc.,” Hager said. “To put it simply, in-network capabilities add more proactive protection for your end-points, so rather than detecting a threat once it is already present on the device, you can prevent the threat from reaching the device and impacting the user in the first place.\u201d<\/p>\n

The extensive Jamf report confirms that attackers are compromising a growing number of devices, and targeting the online storage and collaboration services remote businesses rely on to get things done.\u00a0To fend off these attempts, Jamf promotes Zero Trust Network Access (<\/a>ZTNA) to protect distributed hybrid business.<\/p>\n

This kind of smart security combines user identity with intelligent, contextual protections around location, application, and more. When a user is authenticated, they can only use apps they’re authorized to access, with contextual decisions around device risk.<\/p>\n

So, if an authorized user seems to be using an app from an unexpected location or at a time that is not in tune with their customary habits, the system may flag a risk. If the system identifies unacceptable risk, it can terminate access automatically through the shift. The idea is that users don\u2019t have to spend too much time managing these decisions.<\/p>\n

The problems around such risk are serious. For example, 36% of organizations encountered malicious network traffic indicators on a remote device in 2021, Jamf said.<\/p>\n

\u201cWe are seeing a shift more broadly towards user-centric security because users need to like a solution in order to achieve widespread adoption within an organization. That\u2019s why we expect ZTNA to replace slow and clunky VPN technology over the coming years,\u201d Hager said.<\/p>\n

\u201cMany small organizations see ZTNA as a huge investment that requires a lot of change, but the reality is it\u2019s a journey and you can implement it in stages \u2014 so now\u2019s the time to make thoughtful investments that will move you towards a ZTNA architecture.<\/p>\n

\u201cA good security policy should be built around an awareness that use cases can differ drastically within an organization and therefore the more flexible and customizable your security solution is, the better,\u201d he said.<\/p>\n

Two years into the pandemic, can Apple’s rapid deployments continue? Will the transition continue when (or if) workers return to the office?<\/p>\n

Hager thinks it will.\u00a0\u201cI think we will continue to see Apple\u2019s rapid growth in the enterprise \u2014 the momentum isn\u2019t stopping,\u201d he told me.\u00a0\u201cThe trends that are pushing Apple\u2019s fast enterprise growth have been present long before the pandemic.<\/p>\n

“I believe that due to Apple\u2019s broad range of devices, combined with the consumerization of IT and the changing demographics of today\u2019s workforce and their strong preference for Apple, [it] will become the No. 1 device ecosystem in the enterprise by the end of this decade.\u201d<\/p>\n

The\u00a0Jamf Security 360 Annual Trends Report<\/a>\u00a0is available online.<\/p>\n

Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Thu, 27 Jan 2022 08:34:00 -0800<\/strong><\/p>\n

\n
\n

\u201cApple will become the number one device ecosystem in the enterprise by the end of this decade,\u201d Jamf CEO Dean Hager told me while introducing an in-depth enterprise security trends report<\/a> that enterprises should look at.<\/p>\n

Apple continues to see incredible growth<\/strong><\/h2>\n

The nature of enterprise IT is rapidly becoming multiplatform. Jamf recently shared some details<\/a>\u00a0concerning the rapid growth in Apple device deployments<\/a>\u00a0it is seeing in business.\u00a0For example, it now has 60,000 active customers, up from 36,000 two years before that \u2013 and believes new services such as Apple Business Essentials<\/a> will help maintain this growth.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10403,10554,714,24580],"class_list":["post-18166","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-macos","tag-mobile","tag-security","tag-small-and-medium-business"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18166","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18166"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18166\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18166"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}