By Mr. Filip Cotfas, Channel Manager, CoSoSys

In the last ten years, Macs have gradually made their way into the workplace. Their number has increased through Apple’s own efforts to improve their products for use in the enterprise, such as their transition to M1 chips and system extensions, but also the implementation of Bring-Your-Own-Device (BYOD) and Choose-Your-Own-Device (CYOD) policies, which allowed employees to decide on the type of device they want to work on.

macOS device use across enterprises has increased in the business environment. This widespread use of Apple devices in business is making many companies rethink their approach to endpoint provisioning, management, and, more importantly, security.

The risk of insider threats

With its solid Unix-based architecture, native encryption options, and new kextless mode, macOS has never been more secure. However, while Macs might be more secure against brute force and malware attacks, they are just as vulnerable to one of the biggest threats to data security: the people operating them. Employees are at the root of some of the most disastrous data breaches in history, whether through carelessness, turning malicious, or falling for phishing or social engineering attacks.

The number of security incidents caused by insiders has increased by a staggering 47% since 2018, according to the Ponemon Institute’s 2020 Cost of Insider Threats Global Report, with human error alone accounting for 23% of all data breaches. A further 7% were due to malicious insiders, and 17% of external attacks used employees as an entry point into the company network.

The rise of data protection legislation

While in the past, companies may have been tempted to take their chances and rely on Macs’ advanced security to prevent data breaches, nowadays, protecting sensitive customer data is no longer a choice. Some of the world’s biggest companies, such as Google, H&M, and Marriott, have already been hit by fines. Reputational damage is also harder to overcome for small to mid-sized organizations as it increases the likelihood of lost business as customers choose competitors without a history of bad data security practices.

Protecting sensitive data with Data Loss Prevention

When it comes to sensitive data protection on Macs, solutions like antivirus and antimalware software that protect an entire device from outside tampering, are not effective. Employees need access to data to effectively perform their duties. Data Loss Prevention (DLP) solutions were developed to help companies secure data from human error by protecting sensitive data directly.

Using DLP, organizations can define what sensitive data means to them, whether it’s personally identifiable information (PII) or different categories of intellectual property (IP). Once defined, DLP policies can be applied to identify, monitor, and control the movements of files containing sensitive information. In this way, companies can prevent sensitive data from leaving Macs and ensure it is not transferred via insecure channels such as messaging apps, personal emails, or file-sharing services.

Removable devices, which can easily be lost or stolen, are another common data security concern for computers running on any operating system, including macOS. Device control features can help companies monitor the use of removable devices and identify which user has copied files to which devices, making it easy to spot suspicious insider activity that may result in data theft. DLP device control policies can limit or block the use of USB and peripheral ports as well as Bluetooth connections.

Some DLP solutions offer a higher degree of flexibility in policies, allowing companies to set restrictions and privileges based on groups, departments, devices, and even individuals. In this way, employees with access to sensitive data daily can have stronger policies without affecting the rest of the workforce.

When protecting data on Macs, companies must choose DLP products offering zero-day support for new macOS releases. This means that the product developers have access to macOS updates ahead of their public release and can test their software with them. Incompatibility with new updates can compromise a company’s data protection efforts and open the door to data loss. Organizations can ensure continuous data protection by choosing DLP products offering zero-day support.