Lack of encryption and weak or shared passwords on Apple devices in the workplace are exposing sensitive corporate and customer information says research from identity protection specialist Centrify Corporation.
The survey of 2,249 US workers, conducted by Dimensional Research, found fundamentally that while people widely use Apple devices for work, lack of security and management of those devices are opening up companies to significant liabilities.
Nearly half (45%) used at least one Apple device for work purposes while in general nearly two-thirds of those Apple devices (63%) are owned by the user as opposed to the company and are used to access work email, corporate documents and business applications.
Almost three-fifths (59%) of Macs are used to access confidential company information while 65% of Macs are used to access sensitive or regulated customer information. In addition 51% of iPhones in the workplace were used to gain access to business applications while 58% of iPads in the workplace were used to gain access to business applications.
Yet worryingly, the survey also found that despite the popularity of Apple devices in the workplace, businesses were not investing enough resources to secure or manage them. Over half (51%) of all devices were secured by a password that is merely a single word or a series of numbers.
Most devices (58%) did not have software installed to enforce strong passwords and a similar percentage reported sharing their passwords with others. Worse only 17% of Apple devices reported having a company-supplied password manager and only 28% of Apple devices had company-provided device management solutions installed. Only just over a third of Apple devices had encryption of stored data enforced by their company
“[The] Apple survey spotlights the massive exposures that occur when devices do not comply with standard corporate security policies,” commented Centrify senior vice president of products and marketing Bill Mann.
“In particular, customer data represents a huge liability. Disclosure of regulated information such as healthcare records could expose corporations to fines and other legal action. Most importantly, there are solutions on the market today that can handily secure Apple devices without sacrificing user productivity. It’s time for IT to take action.”