Apple security and management experts at Jamf have conducted a comprehensive analysis shedding light on why many users are inadequately prepared to confront the latest cybersecurity threats affecting Macs and iPhones.
The examination of real-world user data has led Jamf researchers to issue a crucial security warning involving three actions that render users vulnerable to attacks. Addressing these issues could significantly enhance your security and privacy.
Through an analysis of data obtained from 15 million desktop computers, tablets, and smartphones across 90 countries, the Jamf researchers made intriguing discoveries concerning Apple devices. The 12-month research, concluding in the last quarter of 2023, identified 21 new malware families out of a total of 300 existing on the macOS platform.
Michael Covington, Vice President of Portfolio Strategy at Jamf, highlighted, “The data in our report shows that Mac and mobile fleets have fared reasonably well over the past 12 months. However, this result is largely due to sheer luck, with a growing list of malicious tactics emerging and organizations demonstrating poor security hygiene overall. The year ahead is likely to be challenging for business if trends do not change.”
This critical warning is directed at Mac and iPhone users, emphasizing the need to address specific Apple security features.
Jamf’s research discovered that users are disabling essential features that play a crucial role in providing device security.
Don’t disable filevault
The initial aspect involves FileVault, a functionality designed to encrypt data within a volume. However, this feature was found to be “turned off on 36% of devices in the research pool, despite its straightforward deployment, configuration, and management of encryption keys.”
Don’t disable firewall
The next observation pertains to the system firewall feature, which was discovered to be deactivated on 55% of Macs, despite the prevalence of web-based threats targeting mobile devices. The report emphasizes that enabling firewalls is an established industry best practice known for preventing devices from accepting incoming connections from unauthorized applications and services.
Enable lockscreen protection
Lastly, the third aspect concerns the usage of lock screen protection, described by Jamf researchers as a “fundamental feature of mobile devices that secures data from unauthorized access but also serves as the decryption key for all data stored locally on the volume.” However, throughout 2023, 3% of iPhones and iPads were found to have the lock screen disabled, and “25% of organizations had at least one user with lock screen disabled.”