Does Apple’s Recent Security Flaw Make You Feel Vulnerable? Enter Duo Device Trust
Recently, several Apple security vulnerabilities made headlines. These vulnerabilities affected certain Apple products running versions of its iOS, iPadOS and macOS Monterey operating systems and Safari browser. Apple disclosed the vulnerability and moved quickly to address the flaw with updates for each. Pretty straight-forward process. But for organizations with users that have devices affected by the vulnerability, knowing there is a “fix” available is just the beginning.
When it comes to software and system vulnerabilities, no news is typically good news. However, when a new vulnerability is discovered, it’s time to spring into action. Quickly. Unpatched software can be exploited and lead to serious threats such as data breaches and ransomware attacks. Unfortunately, there are a lot of vulnerabilities out there. According to the National Vulnerability Database (NVD) more than 8,000 vulnerabilities were published in the first quarter of 2022.
So for security teams, having a resource like Duo Device Trust can make all the difference.
Time to remediation is critical
In an ideal world, everyone in your organization will install the new update before the cybercriminals can take advantage of the security flaw. Getting users to update to the latest operating system or browser version that closes the vulnerability, however, can be challenging. Employees are busy at their jobs, they don’t read the update memo or maybe they’ll just get to it later.
Whatever the reason, time to remediation is critical. In its 2022 Vulnerability Statistics Report Edgescan revealed the mean time to remediate critical risk vulnerabilities is almost 58 days. In the case of the Apple security flaw, that would be 58 days during which hackers can exploit these vulnerabilities to seize control over their victims’ devices. And once they have that control, accessing the company network is simple.
Having visibility into the health posture of devices before they access your network resources is a good idea to help address vulnerabilities. A healthy device is one that meets your security requirements such as running the latest OS version. Along with that, you want to enforce an access policy that reflects the need to update the OS or browser version before granting access to applications and resources on your network.
Take control by enforcing device trust
Duo Device Trust can help you address these needs by giving you the controls to block risky devices and allow access only to healthy devices. For macOS and Windows laptops and desktops, the Duo Device Health application collects information from each endpoint at the time of authentication and checks it against your access policy. When a new vulnerability is discovered, you can update your existing policy to block access until a device has been updated to the desired OS release. When Apple announced the security vulnerability, teams using the Duo Device Health app had the option to restrict Apple devices from accessing resources until updates were installed.
If you want to be a little less restrictive, you have the flexibility to adjust the period of time until the update is required, say 14 days. If it’s a browser that needs to be updated the Device Health application enables administrators to combine a Device Health application policy with other Duo policies to check the status of browsers and plug-ins. For example, you may want to block access from devices that aren’t running the latest version of Google Chrome.
Similar to the Device Health application, the Duo Mobile application has a Security Checkup feature that assesses the security hygiene of mobile devices running iOS or Android. Among the device attributes it looks for is whether the operating system is up to date. Refining your policy to require devices to have the latest OS version installed and running is simple. To balance security with ease of use, both solutions offer guided remediation to help users address the issue and quickly bring the device under compliance before access is granted.
Granular visibility with Duo Device Insight
Keeping track of each device’s health posture can be daunting. How many are running the latest OS or browser? What about devices running older versions that are now out of compliance with your new access policy? Which devices can I trust? There’s a lot to digest.
With Duo Device Insight that granular information is available in the Duo Administrator dashboard. Device Insight tracks versions of operating systems, browsers, and plugins on the devices accessing your protected resources and provides a summary view on the Device Insight overview page. You can easily see how many access devices are up to date and those that are out of date throughout your organization.
Whether the next security vulnerability comes from Apple or somewhere else, the time to prepare is now. Make sure the devices accessing your applications and resources are up to date and healthy. Duo has the tools you need to gain granular insight and adjust your access policies to keep your organization secure.