{"id":21435,"date":"2023-03-08T10:30:05","date_gmt":"2023-03-08T18:30:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/03\/08\/news-15166\/"},"modified":"2023-03-08T10:30:05","modified_gmt":"2023-03-08T18:30:05","slug":"news-15166","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/03\/08\/news-15166\/","title":{"rendered":"Why you should use Apple\u2019s Rapid Security Response"},"content":{"rendered":"

<\/p>\n

Mac, iPad, and iPhone users can choose to automatically install system security patches as they are released with a new Apple feature called Rapid Security Response.<\/p>\n

Rapid Security Response aims to secure Apple\u2019s platforms with automated security updates. The idea is that if every user automatically installs such patches, the entire ecosystem becomes inherently more secure.<\/p>\n

Announced last year at WWDC 2022, Apple began testing the feature in October. During beta testing, it shared four content-free downloads to test its distribution system, including one recent test\u00a0in March<\/a>. While the feature can be enabled on devices running the latest operating system, as of this month Apple had not yet begun to ship genuine security patches.<\/p>\n

Traditionally, Apple has distributed security patches within iOS, iPadOS, or macOS software updates. This is effective, but not every user updates their systems in a timely fashion, in part because full software updates take a while.<\/p>\n

Making it possible to automatically download and install smaller security patches as they are published makes for faster distribution and means users don\u2019t need to install a complete OS upgrade to stay secure.<\/p>\n

In essence, Rapid Security Response makes maintaining device security much simpler and less disruptive for all parties, while also keeping the ecosystem a bit more secure.<\/p>\n

Apple explains that the system will, \u201cautomatically install rapid security responses and system files for iPhone and supported accessories,” adding, “some system files will always be installed automatically, even if Security Responses & System Files is turned off.<\/p>\n

“Rapid Security Responses that involve the operating system require the device to restart. Rapid Security Responses that involve Safari require the user to quit the app,\u201d it adds in an explanatory note on its tech support site<\/a>.<\/p>\n

You\u2019ll find Rapid Security Response as an option in Settings.<\/p>\n

In iOS<\/strong>, open General>Software Update and tap Automatic Updates. You\u2019ll see the new Security Responses & System Files item listed there.<\/p>\n

On Macs<\/strong>, open System Settings>General>Software Update and tap the \u201cI\u201d button situated by Automatic Updates. You can then define which updates you want downloaded, including Security Response.<\/p>\n

When you toggle the feature to on, it will monitor for available security patches and if one is published, it will download it.<\/p>\n

Once the system has downloaded the security patch, you\u2019ll be prompted to install it and restart your device. The system is also capable of sharing important Safari security updates.<\/p>\n

It’s possible to delete downloaded Security Response files updates before you install them, though this is not generally recommended as they may contain essential fixes for your device.<\/p>\n

To delete them, open General>About>iOS Version where you can check and remove the uninstalled software, or, if using a Mac, open System Settings>General>About, tap the \u201cI\u201d button and remove the install.<\/p>\n

The only real reason to delete these updates is in the event existing apps are incompatible with the patch. Apple also has a system of alerts that will tell users if it identifies a problem with one of these rapid security updates, enabling their removal.<\/p>\n

If you run a fleet of devices, Apple has created APIs that device management vendors can use to give admins control of this feature, including the capacity to remotely enable or disable it.<\/p>\n

Administrators can disable the feature, verify whether a software patch is installed, enable the feature, or even block user removal of these updates. Most businesses already accelerate installation of important security patches, but those that can\u2019t use their choice of MDM provider to manage this.<\/p>\n

Maintaining device security is emerging as one of the biggest challenges we face in 2023. As nation-state rivalries intensify, it\u2019s reasonable to expect increased attempts to penetrate platform security; as Jamf recently warned, 21% of employee devices are misconfigured<\/a>, which includes not having the latest security patch installed.<\/p>\n

To preserve that sanctity, Apple wants to get to a position from which it can expedite security patch distribution without requiring vast chunks of time or attention from its customers. It also wants to find a more elegant way to swiftly distribute emergency responses.<\/p>\n

It’s just good practice. As Jamf’s Michael Covington, vice president of portfolio strategy,\u00a0recently noted:<\/a>\u00a0\u201cUsers should be part of the security solution, and that includes actioning updates to the operating system or applications in a timely fashion, when prompted.\u201d<\/p>\n

Rapid Security Response means we should all get security patches in a timelier fashion, and installations should take much less time. It should also provide a swift remedial path for platform-level mitigations against newly identified vulnerabilities.<\/p>\n

There is speculation Apple will embrace a monthly security software update release cycle that uses Rapid Security Response to harden security across all of its platforms.<\/p>\n

It is also interesting that Apple can upgrade Safari with this feature, as it hints that at some point application developers will also be able to automate important security patches for their products, though this hasn\u2019t yet been discussed.<\/p>\n

Apple is now expected to begin using the service after iOS 16.4 is introduced in the next week or so.<\/p>\n

Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

\n
\n

Mac, iPad, and iPhone users can choose to automatically install system security patches as they are released with a new Apple feature called Rapid Security Response.<\/p>\n

Rapid Security Response aims to secure Apple\u2019s platforms with automated security updates. The idea is that if every user automatically installs such patches, the entire ecosystem becomes inherently more secure.<\/p>\n

Announced last year at WWDC 2022, Apple began testing the feature in October. During beta testing, it shared four content-free downloads to test its distribution system, including one recent test\u00a0in March<\/a>. While the feature can be enabled on devices running the latest operating system, as of this month Apple had not yet begun to ship genuine security patches.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10480,8826,10403,12555,714],"class_list":["post-21435","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-ios","tag-iphone","tag-macos","tag-mobile-device-management","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21435"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21435\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21435"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21435"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}