Posted byZoran Cocoara Posted inMacs in the enterprise
In the last ten years, Macs have gradually made their way into the workplace. Their number has increased through Apple’s own efforts to improve their products for use in the enterprise such as their transition to M1 chips and system extensions, but also the implementation of Bring-Your-Own-Device (BYOD) and Choose-Your-Own-Device (CYOD) policies which allowed employees to decide on the type of device they want to work on.
In 2021, macOS device use across US enterprises reached 23% while iPhones accounted for 49% of work phones and iPads were the most used tablets in the business environment, according to IDC. This widespread use of Apple devices in business is making many companies rethink their approach to endpoint provisioning, management, and, more importantly, security.
The risk of insider threats
With its solid Unix-based architecture, native encryption options and new kextless mode, macOS has never been more secure. However, while Macs might be more secure against brute force and malware attacks, they are just as vulnerable to one of the biggest threats to data security: the people operating them. Whether through carelessness, turning malicious or falling for phishing or social engineering attacks, employees are at the root of some of the most disastrous data breaches in history.
The number of security incidents caused by insiders increased by a staggering 47% since 2018, according to the Ponemon Institute’s 2020 Cost of Insider Threats Global Report, with human error alone accounting for 23% of all data breaches. A further 7% were due to malicious insiders and 17% of external attacks used employees as an entry point into the company network.
The rise of data protection legislation
While in the past companies may have been tempted to take their chances and rely on Macs’ advanced security to prevent data breaches, nowadays protecting sensitive customer data is no longer a choice, but a legal obligation. From the US and Japan to Brazil and the EU and its notorious General Data Protection Regulation (GDPR), organizations face massive fines if they do not take the necessary measures to protect sensitive information.
Some of the world’s biggest companies such as Google, H&M and Marriott have already been hit by record-breaking GDPR fines. However, while big corporations might survive €20 million or higher penalties, for smaller companies these can prove fatal. Reputational damage is also harder to overcome for small to mid-sized organizations as it increases the likelihood of lost business as customers choose competitors without a history of bad data security practices.
Protecting sensitive data with Data Loss Prevention
When it comes to sensitive data protection on Macs, solutions like antivirus and antimalware software that protect an entire device from outside tampering, are not effective. Employees need access to data to effectively perform their duties. Data Loss Prevention (DLP) solutions were developed to help companies secure data from human error by protecting sensitive data directly.
Using DLP, organizations can define what sensitive data means to them, whether it’s personally identifiable information (PII) or different categories of intellectual property (IP). Once defined, DLP policies can be applied to identify, monitor and control the movements of files containing sensitive information. In this way, companies can prevent sensitive data from leaving Macs and ensure it is not transferred via insecure channels such as messaging apps, personal emails, or file sharing services.
Removable devices, which can easily be lost or stolen, are another common data security concern for computers running on any operating system, including macOS. DLP device control policies can limit or block the use of USB and peripheral ports as well as Bluetooth connections. Device control features can help companies monitor the use of removable devices and identify which user has copied files to which devices, making it easy to spot suspicious insider activity that may result in data theft.
Some DLP solutions like Endpoint Protector offer a higher degree of flexibility in policies, allowing companies to set restrictions and privileges based on groups, departments, devices and even individuals. In this way, employees that have access to sensitive data on a daily basis can have stronger policies in place without affecting the rest of the work force.
When it comes to protecting data on Macs, companies also need to choose DLP products that offer zero-day support for any new macOS releases. This means that the product developers have access to macOS updates ahead of their public release and can test the compatibility of their software with them beforehand. Incompatibility with new updates can compromise a company’s data protection efforts and open the door to data loss. By choosing DLP products that offer zero-day support, organizations can ensure that data protection is continuous.