Back to Blog

Rise in Remote MacOS Workers Driving Cybersecurity ‘Rethink’

October 5, 2020

By: Sikur

With twice as much malware now targeting Macs, IT pros need to scramble to adapt to a large, and likely permanent, work-from-home population, experts say.

With millions of people working from home due to the pandemic, the incidence of adware and potentially unwanted programs (PUPs) is rising much faster on Macs, and Mac-based companies are encountering similar cybersecurity issues to their Windows-based counterparts, according to IT and security experts presenting at the annual Jamf Nation Users Conference (JNUC) this week.

Historically, Mac users and their companies haven’t had to worry nearly as much about malware as Windows users, but working from home has highlighted issues in managing remote Mac users. Many IT and security teams, however, haven’t had to deal with the issues of managing technology for a zero-touch workforce, said Ed Joras, business development specialist at CDW, an IT solutions firm,during the virtual conference.

“The landscape has changed, and that will require a complete rethink of cybersecurity,” he says. “We took all those people who work from the office and now they are at home, and they all became targets the minute that that happened.” 

In a presentation on managing remote workers securely, Joras estimated that 25% to 35% of office workers will work from home for the foreseeable future. Rather than expending resources on creating cubicle farms, companies will focus on finding better ways to provision those workers, he said, noting that executives are increasingly describing the situation as “show up when you want to” (SUWYWT).

In terms of cybersecurity, that means focusing on Mac users as much as the devices, Joras said.

“When this settles out, a large group of users are not coming back to the office ever,” he says. “What we have to think in terms of is hardened users and hardened user practices because they will always be the weak link in the security chain. We need to find a new balance.”

With a remote workforce, security can be more challenging for Mac-reliant companies, especially because the platform is becoming a greater target of attackers, according to a presentation on Mac threats at the virtual conference. 

While detections of Mac-targeting adware, malware, and unwanted programs is only 14% of the total suspicious and malicious programs detected by security firm Malwarebytes, the average Mac encounters twice as much malware as the average Windows computer, said Thomas Reed, director of Mac and mobile security at Malwarebytes.

“Mac malware is on the rise. This is in part due to the rising marketshare of the Mac,” he said. “It is also likely to be caused by who uses Macs. There are a lot of dirt cheap Windows machines … but if you are buying a $2,000, $3,000 Mac, are they a good target? Most likely, yes.”

Yet the two platforms see different threats. The vast majority of suspicious and malicious programs detected on Macs are adware and potentially unwanted program (PUPs), with malware accounting for only 0.3% of the detections

“Even though adware is something that a lot of people think is a nuisance, it is something that you don’t want on your computer,” Reed says. “There is a lot of potential for data exfiltration.”

Yet Apple is making significant strides in locking down Macs against unwanted software and giving companies a reliable process for securely setting up systems for remote workers. Healthcare records management company Redox, for example, has a complete process for providing users with a new system straight from the factory while provisioning the system with access and security — a zero-touch process, said Kevin Friel, an IT engineer with Redox, in a presentation on provisioning remote users.

“The end result is a fairly efficient and secure process that allows our IT to reach into that Mac virtually and set it up,” he says. “And to the end user, it just works.”

Source: DARKreading

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.