Your enterprise security does not live in isolation — the threat environment extends across all your colleagues, partners, and friends.
That’s why it’s very concerning that so many businesses continue to fail to meet basic security hygiene standards, according to the latest Security 360 report from Jamf.
Data is gold, which attackers recognize — even many in business don’t. Every stolen address, email, phone number, name, or even passport number is an ID attack waiting to happen, a path to enable a more complex phishing scam, or just an opportunity to call someone up and claim the target has a problem with their computer that they can help them with.
A friend of mine fell victim to that last pervasive security attack this week. Fooled by the professionalism of the caller and shunted between various fake colleagues, they gave the convincing hackers remote access to their computer, credit card data, and more. As I write this they are changing passwords, wiping the attacked device, and filing police reports.
This stuff happens, sometimes to people you know. And it could happen to you.
We can’t be sure how they tracked this friend of mine. We can’t tell which vast pot of stolen data they looked at. (There is some evidence that criminals like to target older people with digital crime.)
There is a temptation to look at the story of my poor chum and dismiss the threat as unlikely. You’re into tech, take security seriously, and use Apple products in your business. But complacency is a security weakness.
That critical point shines bright and loud in Jamf’s report. Based on a sample group of 15 million mobile devices, PCs, and Macs, the report points out a slew of concerning statistics:
40% of mobile users and 39% of organizations are running a device with known vulnerabilities.
Jamf tracks 300 malware families on macOS and found 21 new families on the Mac in 2023.
Trojans are growing in popularity, accounting for 17% of all Mac malware instances.
Phishing attempts were 50% more successful on mobile devices than on Macs.
20% of organizations were impacted by malicious network traffic.
Michael Covington, vice president of portfolio strategy at Jamf, said in a statement:
“The data in our report shows that Mac and mobile fleets have fared reasonably well over the past 12 months, but that result is largely due to sheer luck; with a growing list of malicious tactics emerging and with organizations demonstrating poor security hygiene overall, the year ahead is likely to be bad for business if trends do not change.”
What kind of strategies should enterprises that rely on Apple devices follow to stay safe? The same strategies as on other platforms, albeit from a point of more strength. Some best practices mentioned in the report include:
Use integrated management and security products to maximize the available policy controls while…
2024-03-02 09:00:03
Link from www.computerworld.com