Are you Apple fans ready for some digital heresy? Apple iOS is as vulnerable to security problems as any other software, even as vulnerable as gasp Microsoft. We have witnessed this evolve from occasional updates to regular iOS updates and news of active attacks in the wild. If there was any doubt it is official Apple devices need the same security measures as any other device.
None of this should come as surprise to anyone. One of the unpleasant realities of being the big dog in town is that you become an attractive target to hackers. Apple devices started as a consumer hit but that success has led to a clamor for equivalent devices in the enterprise. Top level executives love these devices and have adopted them in masses along with the regular rank in file company employee. Would be attackers now realize that Apple devices are the future and compromising them can lead to a treasure trove of corporate intellectual property.
So will Apple adopt the equivalent of a regular monthly patching window the equivalent of Microsoft’s infamous “Super Tuesday” patch window? I would bet big money on it and the reason is enterprise adoption. Most enterprise IT departments have not been on the forefront of bringing Apple mobile devices into the fold and are now quickly playing catch up.
Playing security catchup for them with Apple devices means:
- Refining policies to enable Apple mobility devices
- Educating users on security requirements on Apple devices such as patching and safe device usage tips
- Reminding users that physical security and safe browsing security measures apply on mobile devices
- Evaluating and implementing iOS enterprise security tools to help control devices that contain sensitive corporate information
Enterprise IT will also pressure Apple to release iOS updates at a consistent time of the month because it helps with planning and user education. It is a lot easier to schedule, implement and communicate security updates when a fixed release date is established and can be planned around. Then again Apple has never had a reputation of pandering to corporate IT departments so the call for consistent patch release dates may go unanswered.
Bold and not so bold predictions:
Within next 6 months a major security incident will involve the iOS and be responsible for a big intellectual property loss.
Within one year Apple will establish a fixed monthly patch window date