It should come as no secret that Apple devices have been facing an increased number of attacks by threat actors. As Apple continues its meteoric rise, its devices can be found in use everywhere you turn - on campus and off. The popularity of their devices is fueling its adoption rate among schools, staff and students, and is directly linked to the growth of security incidents aimed squarely at Apple devices and their users. According to a study by the University of Maryland, it is estimated that a cybersecurity attack occurs every 39 seconds! But what are attackers looking for, you ask? Simply put: data. More specifically, your personal data and that of your students, faculty and staff in a concerted effort to gain access to everything, from personally identifiable information (PII) and personal health information (PHI) to documents relating to financial, confidential and proprietary records, such as intellectual property – there is no end to where the data trail will lead.
Dual-modality of attacks
Institutions of higher education (HiEd) are no strangers to all of these types of attacks. In fact, they regularly face waves of malware attacks, which include targeted ransomware campaigns that seek to infect unsecured endpoints, while also aiming to compromise mission-critical applications. Applications like popular collaboration tools, remote examination and unauthorized apps that may not be up to date or even allowed to run on Mac computers used by staff and students, provisioned by IT departments. Similar to other organizations affected by the global health crisis, HiEd has had to shift its technical support model to account for the explosive growth of faculty, staff and students' distance learning. This shift to working and learning from home - away from the protection of the institution’s security appliances and trusted network - has also become the catalyst that prompted threat actors to modify their own tools and campaigns, further intensifying malware attacks by targeting the users and software they’ve come to rely on in order to stay productive and attend school remotely.
Another reason HiEd attacks have increased is that in the US, universities and colleges have increased their research capabilities to include medical, government, biotech and other projects that receive funding from 3rd-party sources, making them data-rich, high profile targets for threat actors. As touched upon prior, distance learning initiatives have erased the network perimeter — once helping to keep facility, staff and students protected behind strong security appliances, like Firewalls — leaving users to connect from home and potentially other insecure networks. This is to say that the last remaining safeguard against the growing list of threats is any endpoint security software that might be installed on the devices themselves.
Apple’s ecosystem creates a strong foundation of security between its products and services, making it increasingly hard to penetrate its defenses. While strong, these protections are not infallible and do not natively offer the comprehensive Mac security protection necessary to ensure the level of information assurance that colleges and universities require to mitigate risk.
The Mac-focused solution
Enter Jamf Protect. The powerful security solution is not only purpose-built for Mac to eliminate known malware and detect Apple-specific threats, but does so with a small footprint, utilizing minimal device resources while remaining seamless to the end-user. Working tirelessly in the background to keep your institution’s Mac computers secured against the never-ending threats and allowing students and teachers alike to stay focused on the learning environment.
As universities and colleges identify how to take the next step toward minimizing risk to their Mac computers and integrating that security strategy with an endpoint management solution, such as Jamf Pro, further helps these institutions to provide support to the devices in their infrastructure by leveraging the Apple Enterprise Management (AEM) system, or holistically supporting endpoints through the tenets of the connect, manage and protect triad.
All-inclusive support and protection
When implemented properly, AEM serves HiEd by being able to leverage the Single Sign-On (SSO) for centrally managing accounts to provide access to macOS devices, applications and services, while securing endpoints, protecting them against known malware, threat detection and constant monitoring and reporting to provide the visibility needed for IT to determine device health. Last but not least, the management component allows IT to dispatch security teams to investigate threats detected, or simply automate remediation workflows to make short of device clean-up efforts. In fact, one of the biggest takeaways to securing and automation is the emergence of Security Orchestration, Automation and Response (SOAR) which performs set pre-defined actions in response to detections and/or devices that are out of compliance with network or security policies.
Whether it’s sanitizing a device, removing an unauthorized app, or performing patch management – all can be handled with ease and assurance that risk is managed quickly and efficiently, while helping higher education stakeholders to achieve compliance.
Since 2002, Jamf has studied the use of Apple devices in education. Jamf’s strong partnership with Apple and the education sector — coupled with an ability to understand the evolving threat landscape — provides us with insight into the unique needs of higher education and how to craft a solution that fulfills this demand.