Mac work theft: what to do before and after?

It’s a beautiful fall Friday, and the IT team is ready to end another week of work with happy hour at a new brewery across the street from the office. The week was wonderful. Some small challenges happened, but this team can handle it all – no critical mission will carry over to the next week.

But at 4:32 p.m., a call from the company’s chief financial officer changed everything.

She was at an airport preparing to fly home after a busy week of business meetings. While she was doing a final review of the company’s proposed budget for next year, the airline’s crew announced her name and asked her to come to the gate gate. Frustrated, she left her MacBook on the seat and headed to the gate gate just a few feet away to check what was going on, fearing another flight would be canceled.

Fortunately, it was just a quick request for a seat change, and I agreed to it right away. However, when she returned to her seat, she was unable to find her MacBook. He was stolen! A horrific incident, but what was worse was that she wasn’t sure if she had turned off the screen before leaving her MacBook unattended – potentially exposing critical company data and access to the person who now owns her MacBook.

She was about to research airport security when the airline announced the last call on its flight. So what happens now?

Depending on how your MacBook is deployed, this scenario can lead to very different results. If the MacBook is properly managed and powered, the potential losses may just be the price of a new MacBook (and the company may have a real chance of getting the device back later).

However, if the MacBook is not properly managed and powered, the potential losses could reach millions of dollars. Especially if the thief is able to access sensitive and confidential data, including personally identifiable information of employees and customers.

So, what can IT teams do to prepare when this scenario occurs?

1. Apple Business Manager

The first preventive step is to make sure that all working Apple devices are part of your company’s Apple Business Manager account. Each company that makes use of Apple devices can (and should) have an Apple Business Manager account that the company controls.

With this account, all new devices the company purchases from Apple or authorized resellers can be instantly and automatically assigned to the company’s mobile device management (MDM) solution. This ensures that each device is automatically and remotely managed by the company’s MDM – eliminating the need for any manual configuration when the device is first turned on.

This step is more than just a convenience, it provides a high level of security by ensuring that all the company’s devices are managed remotely. Even if the device is erased for some reason, the device will always automatically connect back to the company’s MDM solution.

Currently, even devices that weren’t purchased from Apple or an Apple Authorized Reseller can be manually added to Apple Business Manager using a free app called Apple Configurator.

2. Pioneering MDM for Apple only

Having an Apple Business Manager is a great first step, but without connecting it to an MDM solution, it wouldn’t be of much use. In the same way, a faulty MDM solution may also lead to more problems for the IT team.

Managing Apple devices remotely is not the same as managing devices running other operating systems like Windows or Android. Based on this, the general recommendation from Apple IT administrators is to use a . file The only Apple MDM solution leader. This will ensure that your company always has access to the remote management features and capabilities available for Apple devices. In addition, using only an Apple MDM provider gives you confidence that the way these tools are created will allow you to get the most out of your Apple devices used for business.

Enterprise IT teams should be happy to know that you can find a leading Apple MDM just for as Under $1 per month per device.

With only a good MDM from Apple, the company can perform various actions to protect and recover lost or stolen devices, such as remotely erasing device data to reduce the chance of data loss, enable device-based activation lock, get device location, retrieve last IP address details and SSID Connected, and more.

You see, just by owning a file MDM for Apple devices only Companies can drastically reduce the chances that the loss or theft of a work machine will lead to serious consequences.

3. Apple’s Specialized Hardening and Compliance

Apple operating systems are known to be the most secure operating system on the market. But what does this mean?

This means that the Apple OS, like macOS, is heavily equipped with great security controls and settings that can be configured to achieve an appropriate degree of protection against physical access and unwanted remoteness. This is what security experts refer to as computer “hardening”.

But what are all those controls and settings? How should you properly configure it to power a Mac while keeping in mind the needs of each business? Once these configurations are applied, how can you ensure that end users will not change them – intentionally or unintentionally – or that future updates will not?

All of the above are valid questions with complex solutions, and the more devices your company has, the more difficult this task can be.

Here are some great examples of stiffness controls that can add a relevant layer of protection when your work equipment is lost or stolen:

  • Force the screensaver (with a password) after a short period of inactivity with automatic session locking: This control will ensure that if the device is not used for a few minutes, the MacBook will automatically close the session and require the local user’s password to unlock he-she. This oversight adds a level of protection and must be implemented and monitored by all businesses.
  • Enforce a complex password policy and a limit of 3 consecutive failed attempts: Without this control, the person with the device would have unlimited attempts to enter the password. This greatly increases the chance of a thief or bad actor guessing the password using techniques such as social engineering. However, if the number of attempts is limited to 3 with the account closed once this limit is reached, the chances of someone guessing the password and gaining access to the device are greatly reduced.
  • Enforce disk encryption: An enterprise IT team needs to ensure that all information on every business device is fully protected with strong encryption to add a final layer of security to the device. For example, in the above scenario, if FileVault (Apple’s original and highly secure macOS disk encryption feature) is configured and enforced correctly, once the user’s session is locked in the device, all information is encrypted and cannot be accessed without the key. Even if the device SSID is removed and connected to another device for physical extraction.

These are just a few of the many recommended hardware booster controls that companies must enforce and constantly monitor. However, checking compliance of all recommended security controls while handling incompatible devices is something that cannot be done manually – no matter how many members of the IT or security team are.

adopt goodness Specialized Apple Compliance and Hardening Tool Hardware, this task can go from impossible to fully automated. Apple’s good hardware and compliance tools include ready-to-use libraries of easy-to-use security controls. Once the IT team determines which configurations will be enforced, the solution will operate 24/7 to check each device against all possible controls and address any identified issues automatically.

Apple devices on their own provide a high level of security, even if the device is lost or stolen. However, the effectiveness of the security features on Apple devices depends on the tools and policies approved by the IT team.

Going back to our airport example, if the above steps were properly adopted by the IT team, they would probably be able to thank the CFO for informing her of the problem and recommending that she stay calm, that the device is properly protected, and that she should enjoy her trip home.

The IT team will be confident that the data is encrypted and the session closed. All they have to do is click a couple of buttons to remotely wipe the device and enable Activation Lock. Then a new MacBook can be shipped to the CFO on Monday, and they’ll still have good chances of locating the stolen one.

Some specialized Apple peripheral software providers offer something called Unified Apple platform. Mosyle, the leader in Apple’s modern endpoint solutions, sets the standard for unified Apple platforms through its product Moselle Views.

Mosyle Fuse integrates Apple’s proprietary and automated MDM, a next-generation antivirus, tightening and compliance, privilege management, identity management, application and patch management (with a full library of fully automated apps not available in the App Store), and an encrypted solution for privacy and security Online.

By unifying all solutions on a single platform, companies not only simplify the management and protection of Apple devices used at work, but also reach a level of efficiency and integration that cannot be achieved with standalone solutions.

FTC: We use affiliate links to earn income. more.

Check out 9to5Mac on YouTube for more Apple news:

Leave a Reply

Your email address will not be published. Required fields are marked *