Blogs & Opinions 24.10.2024

Rethinking Mac Safety: Strategies for Enhanced Workplace Protection

There are now 300 identified malware families for macOS.

For too long, complacency around the security of Macs has threatened to come crashing down. And that day has come, says Suzan Sakarya.

Apple devices have become the norm in the workplace, given their widely recognised reputation for robust security and privacy features. However, as they bed themselves deeper into corporate networks, they face a new reality of sophisticated threats, challenging the myth of their inherent safety.

As organisations grapple with this new reality, understanding and preparing for these emerging threats becomes paramount.

The evolution of Mac malware

Previously, Mac malware primarily consisted of adware, posing a limited threat and allowing security teams to adopt less stringent measures. However, this has dramatically shifted, with cyber criminals increasingly targeting macOS and iOS vulnerabilities.

According to our latest research, there are now 300 identified malware families for macOS, with 21 new additions in 2023 alone.

While adware still represents a significant portion, accounting for over a third of all Mac malware, the emergence of more severe threats like trojans, ransomware, and Advanced Persistent Threats (APTs) is notable.

These more aggressive forms of malware present a substantial risk to organisations within the Apple ecosystem. Trojans, for instance, can evade detection by disguising themselves as legitimate applications, and ransomware can cause significant operational and financial damage.

This new reality demands that organisations enhance their defensive strategies to protect against these sophisticated threats.

The need for better cyber hygiene

Amidst the rise of sophisticated Mac malware, lax cyber hygiene across many organisations elevates risk exposure, particularly for mobile security. Our findings highlight that approximately 40% of mobile device users operate systems with known, unpatched vulnerabilities.

Phishing remains a predominant threat, exploiting mobile users with alarming efficacy. Research indicates that phishing attempts are approximately 50% more successful on mobile devices than desktops. This suggests a gap in security protocols that extends beyond traditional computing platforms, exposing mobile-heavy environments to increased risk.

This discrepancy between mobile and desktop management practices underlines the critical need for stringent cyber hygiene that applies to all devices.

In addition, many users are further exacerbating these vulnerabilities by disabling essential security settings, such as encryption and automatic locking mechanisms. Notably, many devices have disabled FileVault, which is vital for data protection through encryption, and many users operate devices without activated lock screens, leaving sensitive information perilously accessible.

Strategies for business protection

The increase in malware diversity, particularly on macOS, challenges existing security measures, diluting visibility of and control over potential breaches.

The evolving threat landscape demands a proactive reassessment of security strategies, emphasising regular updates, rigorous application of security protocols, and comprehensive user education to combat these growing threats.

Such measures are essential in safeguarding against the inevitable attempts at cyber incursion in today’s tech-reliant businesses. Here are some steps organisations can implement instantly and in the long term to better protect against malware.

Immediate steps for organisational protection:

  • Prioritising device management: Organisations should prioritise comprehensive device management and robust endpoint security to bolster their defences. This includes both corporate-owned and BYOD (Bring Your Own Device) systems.
  • Threat analysis: Implementing real-time threat analysis and hunting capabilities can help mitigate potential threats before they cause damage.
  • Implementing encryption: Ensuring all communication is encrypted is also crucial for protecting data during transmission and preventing unauthorised data interception.
  • Patch management: Regular updates and strict adherence to best practices in device configuration are immediate measures that significantly reduce vulnerabilities.
  • Leveraging EDR: Organisations should deploy Endpoint Detection and Response (EDR) tools across all operating systems, including Windows and Mac, ensuring continuous monitoring and instant response to security threats.

Long-term security strategies:

  • Emphasising zero trust: For sustainable protection, businesses must embrace a zero trust security model, which treats every access request as a potential threat, whether it originates from within or outside the network. This approach requires rigorous verification of all access attempts, drastically reducing the likelihood of breaches.
  • Ensuring compliance: Aligning with compliance and security standards relevant to their industry and region is also vital. These standards offer a structured framework for cybersecurity best practices, aiding in protecting against known vulnerabilities.
  • Securing the extended attack surface: Finally, it is essential to secure devices operating outside the traditional network perimeter, such as those used remotely. This strategy, often called ‘security at the edge,’ ensures that data remains secure regardless of the device’s location, fortifying the organisation’s cybersecurity posture over the long term.

With the rise of Mac devices in workplaces, robust security measures are non-negotiable. Organisations relying on outdated security approaches tailored for adware are vulnerable to emerging threats. A multi-layered, uniform security strategy across all devices is essential for resilience against evolving cyber risks. Proactive defence is paramount in safeguarding corporate networks.

Suzan Sakarya is the senior manager for EMEIA Security Sales at Jamf. Suzan is responsible for Jamf’s security portfolio in EMEIA. She leverages her experience and expertise to provide customers with an end-to-end security offering that is simple to manage and robust in design. Before Jamf, Suzan worked at Wandera and Cisco.

 
