60 INTERVIEW The importance of always being ready A well-planned cyberattack can make all work grind to a halt and have numerous other business ramifications. Organisations must stay on top of security to thwart increasingly sophisticated hackers, says Jamf’s Andrew Smeaton There is a common thread between some of the largest, most complex and deadliest data breaches in recent history. In 2010, malware like Stuxnet disabled Iran’s nuclear enrichment programme by infecting a contractor’s laptop, which was used to perform updates on the supervisory control and data acquisition (known as SCADA) equipment. Threat actors stole data from Aadhaar – the largest ID database for 1.1 billion Indian citizens – including personally identifiable information (PII) and financial data in 2018 after gaining entry through an unprotected website linked to the database. And in 2021, a developer targeted LinkedIn, exploiting its API to scrape PPI from 700 million users before selling the data dump online. In these and similar cases, the attacks were made possible by targeting and compromising just one device. Since a business’s security perimeter is not limited to the office anymore, all devices that access company data need to be trusted. The Jamf Security 360: Annual Trends Report 2024 found that 40 per cent of mobile users have been running a device with known vulnerabilities. Why? They believe that their data would not be of interest to cybercriminals. However, as more critical business applications are run on mobile devices, these sensitive data repositories are increasingly subject to attacks that could be more effectively mitigated with better practices. “While Apple makes incredibly secure operating systems, it has become an attractive target for attackers because of its growing popularity in the enterprise,” says Andrew Smeaton, chief information security officer at Jamf. “With more company data and apps on Apple work devices administrators must respond quickly to security incidents as they arise, rather than waiting for an issue to escalate. Fortunately, for most organisations, these risks can be effectively managed with the right tooling and processes. To actively manage the organisational security of Apple devices that run Microsoft software, we recommend that security teams follow a few crucial steps. Apple releases major operating system (OS) updates every year, so the first line of defence is keeping the OS on all devices up to date. Technologies like Jamf automatically configure native security settings, enrol devices securely, encrypt data, monitor compliance, and manage app security.” Jamf aims to help businesses achieve these steps by tracking their telemetry data to verify the security health status of each device. Technologies like Zero Trust Network Access (ZTNA) keep devices protected by checking endpoint health against a series of requirements to ensure they meet a minimum level of security before a user is granted access to requested resources. “Adhering to the ‘never trust, always verify’ creed, a ZTNA solution like Jamf Connect BY ALICE CHAMBERS “ With more company data and apps on Apple work devices administrators must respond quickly to security incidents as they arise”
RkJQdWJsaXNoZXIy NzQ1NTk=