Endpoint
5/16/2014
12:00 PM
Roman Foeckl
Roman Foeckl
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

‘Apple Picking:’ 5 Ways to Lose (& Retrieve) Mac Data

Apple platforms are far from invincible, as these common loss scenarios demonstrate.

When iPhones, iPads, and other Apple devices like Macbooks became popular, thieves saw stealing them as an easy way to make a quick buck. Now they're after much more -- data. Today's Apple devices store quality data -- contacts, credit card transactions, passwords -- of interest to criminals. Worse, BYOC and BYOD are increasingly making Macs repositories for sensitive corporate intellectual property, which further attracts both cyber-criminals and disgruntled or dishonest employees.

This story will educate IT managers and end users about the threat to data from "Apple picking" and how to reduce the risk of data loss through policy, practices, and free and market-based security tools and solutions such as data loss protection (DLP) and mobile device management (MDM). Full disclosure: My company provides such solutions.

The best way to protect your users from Apple picking is simple, but often not enforced. Train your employees to be religiously aware of their surroundings. Teach them not to leave devices (iPhone, iPad, Macbook) unattended or in plain sight of coworkers or the public. However, should an employee become a victim, here are five tips to help keep your company's confidential data safe.

Tip 1: Use the password protection and encryption already in the device
Both computers and mobile devices come with built-in security features. Ensure your users create a password and enable encryption to add another layer of protection. For Macs and iPads, FileVault is a great full disk encryption solution. For iPads, ensure that Screen Control Center, Notifications, and Today View are locked, as well.

Tip 2: Always use Apple's device tracking and locating features
If you have to, these features will enable you to wipe data off any device if it gets lost or stolen. Apple provides a guide for activating and using these cloud-based features. They're easy to set up, so why run the risk of someday needing to wipe data off a user's device, only to learn the user didn't activate device tracking and locating? The downside to wiping the device is the data is gone forever, along with options to control the device remotely. If an employee's device has been stolen, the tracking features can help you pinpoint its location, so you can alert authorities to help recover it.

Now, let's get a bit more creative and give you information that's not as commonly known.

Tip 3: Applock makes things harder for the Apple picker
Applock is a feature that allows users to set their iPhone or iPad to access only a specific application if it's stolen, adding yet another obstacle for anyone who tries to take a mobile device. For example, the app can be a media player, which can be set to play a specific song if the device is lost or stolen. Applock can also be programmed to sound an alarm or siren to annoy or scare a thief into discarding it.

Tip 4: Applock combinations: video capturing and/or voiceover apps
Through the Applock feature, an MDM solution can remotely "wake up" the phone and launch the device's video camera or a voiceover app. The camera can record everything around it, which could provide clues about who has your device. You can use the voiceover app to start talking to the person who has your phone, too. Though this may not directly avoid data loss, it can help you recover your stolen phone or gather information to decide whether to wipe away its data or not.

Tip 5: Stay hopeful
Not everyone has bad intentions. Sometimes employees simply forget their device "somewhere," and a well-intentioned person finds it. You can put the device on "Lost Mode" to set a four-digit passcode to protect it, and to display an onscreen message stating the device has been lost or stolen, along with an alternate phone number. Because the device is locked, the person has only one option: Call the number.

Roman Foeckl leads CoSoSys. The company is a leading developer of mobile device management (MDM), data loss prevention (DLP), device control, network endpoint security, and portable storage encryption solutions for Windows, Mac OS X, and Linux. It has ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.