Apple will once again take center stage on October 22, when they (probably) unveil new versions of the iPad, iPad mini, MacBook Pro, and the Mac Pro. We will be once again on the lookout for scams and malware that will exploit this event, as they did with the iPhone 5s.
The threats mentioned above also reiterate what we’ve said before: Mac users are not immune to cybercrime. In today’s landscape where information can be accessed practically anywhere, threats to data are no longer dependent on the type of device or operating system one is using.
One example is the continued—and even growing—exploitation of vulnerabilities found in cross-platform applications like Adobe or Java, which had several bouts of zero-day incidents during the first quarter of this year. For end users who have access to both a PC and a Mac, protecting themselves from these exploits would mean, at the very least, installing security updates for each of these platforms once it becomes available.
For enterprises, this task is compounded ten- or even hundred-fold, especially because they have to manage not just PCs and Macs, but also Android, iOS, and other endpoints that connect to their networks. With consumerization and bring-your-own device trends happening, the endpoint “ecosystem” is getting fragmented further.
This mixed bag of devices and OSes can pose several challenges for IT administrators. Controlling these devices and maintaining visibility over events is more difficult. Again, we are not just talking about PC and Mac threats here: our researchers have so far uncovered threats that affect both desktops and mobile, too.
Another challenge is the deployment of preventive measures like patches and security updates. As such, organizations should have an endpoint strategy that is composed of not only the appropriate solutions and technologies, but also of a well-thought out data security policies. More information about the can be found in our latest Security In Context Primer: Managing Multiple Devices: Integrated Defense Against Cross-Platform Threats.