Posted on 08/24/2015 5:05:14 PM PDT by Swordmaker
Apple's Macs, iPhones and iPads are common in the modern workplace, but relatively few of these devices comply with standard security requirements, according to a new survey.
Nearly half of all U.S. employees use at least one Apple device at work, but most of those gadgets lack common security protocols required by many enterprises, according to a new survey commissioned by Centrify, a company that sells enterprise security and management software for Apple products.
Last month, Centrify asked 1,004 business professionals about how they use computers and smartphones in the workplace. Respondents used a total of 1,309 Apple devices at work, including 191 Macs, 387 iPads and 731 iPhones, according to Centrify. All of the respondents were employed full-time at companies with at least 20 employees, from various industries including healthcare and financial services, according to Centrify.
The survey, which was conducted by Dimensional Research, found that 45 percent of respondents use at least one Apple device for work, to access corporate email, documents and business applications. Of those gadgets, 63 percent were employee-owned. More than half, or 51 percent, of all the users' Apple devices were secured by single-word passwords or numerical PINs, and 58 percent of those devices had no software or policies to enforce the use of stronger passwords. The survey also found that 56 percent of Apple device users shared their passwords with others, and only 17 percent had company-supplied password managers.
In addition, only 28 percent of respondents' Apple devices had company-provided device management solutions, and 35 percent of the people work for companies that enforce data encryption on Apple devices. Almost 60 percent of the Macs represented in the survey were used to access confidential company information, and 65 percent of those systems were used to access sensitive or regulated customer information, according to the survey.
The results spotlight the high usage rates of unmanaged Apple devices in the workplace, according to Centrify, and they reinforce the risks organizations face when IT professionals don't have the necessary resources to make sure devices comply with security policies.
Apple passwords can be up to 256 characters and use any of the 223 characters accessible from the keyboard. The only limitation Apple imposes is that no password can have more than two consecutive identical characters.
The claim in the headline that "Most Apple devices lack proper security for the enterprise" is totally specious FUD as the devices DO have the proper security, it's just not being used, which makes the headline, and only the headline, suitable for this current FUD SEASON. . . it applies to all Bring Your Own Device which the company's IT department does not properly check out before allowing it to connect to the network.
If you want on or off the Mac Ping List, Freepmail me.
That’s OK, Hillary had a Blackberry.
The article is kind of meaningless without comparing it to non-Apple devices in the same workplaces. Android devices are not exactly known for being locked down. I have been in organizations where Linux/Unix root passwords were both common knowledge and easy to guess. None of tehse have to do with the device.
For the enterprise, it would be nice if Apple could have separate identities, logins if you will, for work and personal on iOS. That problem is far from unique to Apple. Windows 10 on Surface may not have that problem, but it brings its own mature and broad set of malware as well.
CIO Magazine should do better in properly vetting its articles. This appears to be more of an advertisement wrapped up as editorial content.
Are they failing to require it, or failing to enforce it? It's one thing to publish a policy statement specifying a password complexity requirement. Being able to enforce it is something else altogether.
so, then use Windows Phone? Or Android?
Both of the alternate platforms are riddled with holes, compared to iOS.
This article is useless.
What!! “abc123” isn’t a good password??
Geeze, now you tell me. I guess I shouldn’t have used it when I signed up at Ashley Madison. Oops, I didn’t say that.
A crummy ad masquerading as a news article; like so much of today's "news".
She had four phones and an iPad. Two of the phones were iPhones, from what I've read. If the Blackberry were the one with the emails, all the email would have been routed through the Blackberry email servers in Canada and there would be copies there. (which I've always found strange that the US gov standardized on Blackberries for so long. She said she had to have more than one phone because she had to have more than one email address, ignoring that the iPhone can easily handle multiple email addresses. . . and even keep them separate.
biometrics propaganda... you would not believe how desperately the government and many creepily intrusive large companies (e.g. Google, FB) want your biometric data
NEVER DO BIOMETRICS if you can help it. For God’s sake, don’t offer your fingerprints to a company that can resell them on the open market.
I am well aware of Sophos anti-virus for Mac as well as all the others. . . and the fact is that the virus and worms it finds are all WINDOWS viruses and worms. ,p> To do that, it TURNS OFF the built in Apple Gatekeeper which blocks all of the 67 known OS X TROJANS and variants and all 8 of the trojan families so that Sophos can intercept them instead.
Gatekeeper will warn the OS X user before he can finish downloading the infected file, requiring an administrator's name and password before continuing, If the user does that, it then require the name and password again before installing it, and then again before allowing it to be run.
Yet all of the OS X 3rd party anti-virus software turns that off, AND adds system hits and performance degradation to do essentially the same thing as what the Gatekeeper does without that overhead. . . just so you can catch some Windows viruses and worms that can't harm an OS X Mac at all.
But that is neither here-nor-there with what this article was about.
No, it is a confirmation biased article from someone who doesn't like Apple devices in the Enterprise IT structure. . . and it will be quoted ad nauseoum by others who also have that attitude and see it as confirming their biases and want to keep Apple devices out of IT in the Enterprise and keep the Enterprise as a Windows only bastion.
Kewl, yer a wealth of knowledge.
Just not two weeks after Samsung's Knox Secure encryption devices were confirmed for top secret US Government devices, it was discovered that the passwords and keys for Samsung's encryptions and access to their phones and tablets that were supposedly Knox protected were kept in an easily found unencrypted TEXT file in a library on the phone itself. . . and later, their FINGERPRINT images were found in a similarly hidden, unencrypted file, that unlocked their supposedly secure phones!
They have NOTHING comparable to Apple's secure enclave which is located inside the processor and not accessible from outside the processor where one-way HASHes of passwords and fingerprint images are kept.
Haven’t heard fear, uncertainty and doubt since Dell.
I concur with your statement. A typical strong password has a minimum seven characters and is alphanumeric. Special characters in SSO environments can be problematic with in house apps.
I prefer phrases with strong requirements.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.