Alice Chambers
There is a common thread between some of the largest, most complex and deadliest data breaches in recent history.
In 2010, malware like Stuxnet disabled Iran’s nuclear enrichment programme by infecting a contractor’s laptop, which was used to perform updates on the supervisory control and data acquisition (known as SCADA) equipment. Threat actors stole data from Aadhaar – the largest ID database for 1.1 billion Indian citizens – including personally identifiable information (PII) and financial data in 2018 after gaining entry through an unprotected website linked to the database. And in 2021, a developer targeted LinkedIn, exploiting its API to scrape PII from 700 million users before selling the data dump online. In these and similar cases, the attacks were made possible by targeting and compromising just one device. Since a business’s security perimeter is not limited to the office anymore, all devices that access company data need to be trusted.
The Jamf Security 360: Annual Trends Report 2024 found that 40 per cent of mobile users have been running a device with known vulnerabilities. Why? They believe that their data would not be of interest to cybercriminals. However, as more critical business applications are run on mobile devices, these sensitive data repositories are increasingly subject to attacks that could be more effectively mitigated with better practices.
“While Apple makes incredibly secure operating systems, it has become an attractive target for attackers because of its growing popularity in the enterprise,” says Andrew Smeaton, chief information security officer at Jamf. “With more company data and apps on Apple work devices, administrators must respond quickly to security incidents as they arise, rather than waiting for an issue to escalate. Fortunately, for most organisations, these risks can be effectively managed with the right tooling and processes. To actively manage the organisational security of Apple devices that run Microsoft software, we recommend that security teams follow a few crucial steps. Apple releases major operating system (OS) updates every year, so the first line of defence is keeping the OS on all devices up to date. Technologies like Jamf automatically configure native security settings, enrol devices securely, encrypt data, monitor compliance, and manage app security.”
Jamf aims to help businesses achieve these steps by tracking their telemetry data to verify the security health status of each device. Technologies like Zero Trust Network Access (ZTNA) keep devices protected by checking endpoint health against a series of requirements to ensure they meet a minimum level of security before a user is granted access to requested resources.
“Adhering to the ‘never trust, always verify’ creed, a ZTNA solution like Jamf Connect verifies that access is originating from an enrolled and trusted device, making identity and access management a cornerstone of your security strategy,” says Smeaton. “Endpoint security solutions, like Jamf Protect, add a safety net to macOS, iOS, iPadOS, Android and Windows devices to ensure that they are safeguarded against suspected threats through analysis of on-device and in-network threats. These provide faster detection, quicker incident response and effective, automated threat mitigation and remediation workflows that don’t compromise security, privacy or overall performance.”
The University of Glasgow in Scotland uses both Microsoft and Jamf to manage and secure a fleet of Apple devices used by 8,000 staff members and 30,000 students. Jamf Connect and Jamf Protect are fully integrated with Entra ID and Microsoft Intune and report live into the security information and event management (SIEM) platform Microsoft Sentinel.
“Jamf Protect is built on native Apple frameworks, providing a deeper level of understanding of logs and events that happen on device,” says Smeaton. “It pushes all Apple security data and events, as well as alerts, allowing the university to seamlessly monitor and protect its Mac fleet through Sentinel, providing a unified view of security events across all endpoints and facilitating a more effective response to threats. This setup is ultimately what helped the university achieve its Cyber Essential+ certification.”
This customer story exemplifies how integrations between Jamf and Microsoft solutions enable real-time reporting, improve identity management, security and compliance for IT, enhance security policies and enable seamless access control across its ecosystem.
Discover more insights like this in the Winter 2024 issue of Technology Record.