Apple and Cisco have struck yet another blow for enterprise IT. They know that iOS is the most secure mobile solution, but that’s not everything becau
Apple and Cisco have struck yet another blow for enterprise IT. They know that iOS is the most secure mobile solution, but that’s not everything because mobile threats are incredibly complex these days.
The enigma code
Here’s a scenario: You work in an enterprise with perhaps 1,000 other employees. One morning, perhaps fifty of you woke to find an authentic-seeming email in your in-box that requested you click on a link to update some system related to the work you do. While many employees remembered not to click on that link, a small number did click. No one thought too much of the email – spam is frequent and most just thought the mail was aimed at them.
The attack was planned and the attackers have now gathered a little more detail about some of the company’s employees, including passwords.
This information helps attackers figure out password structure, and perhaps enables them to create a new collection of exploits that use those stolen details to help penetrate a little deeper into the enterprise’s IT systems.
They will be looking for secrets they can sell, dollars they can steak, and data they can abuse. They may even be sitting in local coffee shops using Wi-Fi network sniffers to monitor and crack inside the enterprise systems when accessed by employees on their lunch break.
What’s happened here is that while conventional security systems can protect end users against a lot of things, it’s less great at protecting against multi-faceted threat.
Visibility is everything
Apple’s iOS devices are now deeply entrenched in enterprise IT.
Already, over 70 percent of enterprise users provide employees with mobile devices, but conventional security methods don’t necessarily notice all the different attacks that do exist. The recently identified Blueborne Bluetooth vulnerability is a good example of an attack that existing security protections probably wouldn’t recognize.
It’s important to note that lots of enterprises use iPhones and iPads because Apple’s devices are still the most secure in the industry.
That platform proliferation means attackers who do succeed in undermining that security could make a lot of money. That’s why it is a little strange that Apple pays just $200,000 to people who identify vulnerabilities on its platforms, even while private firms pay $500,000 for the same information. There’s money at stake and no one should be complacent.
Attacks you cannot see
The big problem is that some attacks are quite transparent. Most of us would not even be aware they were taking place.
They happen at a deep device level that doesn’t seem to interfere with our user experience, and are not easily spotted by more traditional security protections.
That’s why the Apple/Cisco deal makes so much sense. To help better protect iOS devices against attack, Cisco has introduced Security Connector, an app that monitors network activity on devices, without any significant impact on device performance or battery life. Cisco’s iOS security app offers security functionality from Cisco Umbrella and Cisco Clarity.
“Ransomware and malware are spreading across the Internet and increasingly targeting mobile devices. Together with Apple, we are helping enterprises become the most connected, collaborative, and secure businesses in the world,” said David Ulevitch, senior vice president and general manager of Cisco’s Security Business Group.
There’s a Cisco blog that tells you a little more about how this works here, but at its simplest if one of those employees at the top of this story had clicked a phishing link, Security Connector would have prevented the connection.
Intelligent threat management
The power of this approach is that the solution can monitor network traffic for the kinds of anomalies that betray a successful hack, such as large amounts of outgoing data being generated by an unauthorized app.
The solution also helps prevent iOS users from accessing malicious Internet sites, and helps them avoid sharing critical data using unsecured Wi-Fi networks. You can also use Security Connector to identify what happened, who was affected and what data was at risk, in the event a company suffers an attack.
The idea behind solutions like these is that by monitoring activity and detecting threats that may otherwise be less visible, security teams can help improve the protection around enterprise tech. In a context in which security exploits are becoming ever more complex and increasingly less visible, Cisco’s solution makes complete sense.
It’s not quite the enterprise IT security insurance deal Apple CEO Tim Cook proposed earlier this year, but it’s a step in the right direction.
Google+? If you use social media and happen to be a Google+ user, why not join AppleHolic’s Kool Aid Corner community and get involved with the conversation as we pursue the spirit of the New Model Apple?
Got a story? Please drop me a line via Twitter and let me know. I’d like it if you chose to follow me there so I can let you know about new articles I publish and reports I find.