DLP is no problem for me: Data Loss Protection and macOS Catalina

Security is at the forefront of people’s minds as more data is captured around the threats that companies of all size are facing on a daily basis, but that shouldn’t ever be a reason that a company shies away from adopting Mac. At least this is the belief of Abhik Mitra and Cory Ranschau from Code42 and Matt Bauer from Crowdstrike, setting the stage for “How to Keep Data Safe: Data Loss Protection and macOS Catalina” 2019 Jamf Nation User Conference session.

Insider threat: Employees taking data when they quit

Many people are aware of the outside threats a company faces. Malware, phsishing, smishing and all the other tricks in the book. However, they began their presentation with some pretty alarming stats from a different threat source – insider threat.

“Insider threat is on the rise. Data loss from insiders now accounts for 34% of threats, and its growing,” said Abhik. But why? Where is this statistic coming from? Well, that stat was followed up with “66% of employees admit to taking data from previous employees” and, while admitting to this possibly being a cynical outlook, Code42 believes “the other 34% from that survey are lying.”

Whether their intent is malicious or not when an employee leaves, they bring everything they have worked on, company knowledge and plans, and those can be damaging. Being able to prevent any files or true customer data to go with them is critical and doesn’t have to hinder a user’s productivity.

macOS Catalina

macOS Catalina, Apple’s newest operating system for Mac, is their latest stride toward ending the belief that using Mac and having top-notch security are mutually exclusive priorities. Rolling out a new operating system takes time, effort, work and if not properly planned for can lead to problems. Those problems lead to more work than it took to even upgrade, which could have shy companies hesitant to make the leap. According to Bauer, this is where the partners you choose to work with are critical. Your security partners should be on top of the new OS so that when you do roll it out to your users everything is secure and ready to go.

Find yourself great partners that you trust, can guide you in everything you need and be a resource when you have problems or want best practices like Code42, Crowdstrike and Jamf. They should be able to understand the relationship between security teams and IT teams. Both have similar goals but often different priorities. Being able to understand, speak to and convey the benefits of updates is a critical step to gaining buy in.

Catalina, Mac takeaways

“First of all, do it,” says Cory. “Stay up to date on things, do your due diligence, but updating to macOS Catalina brings a lot of positives. Update, train your teams to make sure they know how to use the update, and make the time to upgrade. It will be worth it in the long run.” A lot of the changes Apple has made for the new OS is for security purposes like preventing entrance to the kernel. Keeping yourself up to date limits the potential weakness you have so that you can look to face other threats.

For inside threats – accessing data requires a process. Using partners, like Crowdstrike, to monitor that process and the meta data around files and information to prevent or be alerted of abnormalities. It is critical to know what is going on, anticipate what is being attempted, and prevent security breaches. The best thing you can do is surround yourself with great partners to help you.

Finally, you don’t need to choose between productive or secure. Your team should be able to be both, and you shouldn’t have to compromise on that or the devices employees want to use. Gone are the days of having computers “chained” to desks. Teams are mobile, spread out and active, but that doesn’t need to harm your levels of security.

You may also be interested in checking out Jamf’s new Mac security tool, Jamf Protect.