Unmanaged Apple devices a huge liability for U.S. corporations, study finds

More than half (56%) of employees in the United States who use Apple devices in the workplace report sharing their passwords with others, according to a study released on Monday by cyberthreat enterprise security firm Centrify Corporation.

Conducted by Dimensional Research, the Centrify Apple survey “demonstrates that while people widely use Apple devices for work, lack of security and management of those devices exposes companies to significant liabilities,” the firm said in a statement.

Of the 2,249 U.S. workers surveyed, nearly half (45%) use at least one Apple device for work purposes. Furthermore, a majority of those Apple devices (63%) are owned by the user as opposed to the company and are used to access work email, corporate documents and business applications. In particular, according to the study: 59% of Macs are used to access confidential company information; 65% of Macs are used to access sensitive or regulated customer information; 51%of iPhones in the workplace are used to gain access to business applications and 58% of iPads in the workplace are used to gain access to business applications.

Still, despite the popularity of Apple devices in the workplace, businesses do not invest enough resources to secure or manage them, Centrify argued. Just over half (51%) of all devices are secured by a password that is merely a single word or a series of numbers and most (58%) do not have software installed to enforce strong passwords. In addition, only 17% of Apple devices have a company-supplied password manager, only 28% of these devices have company-provided device management solutions installed and only 35% of devices have encryption of stored data enforced by their company. [click image below to enlarge]

“Ultimately there is no discernable correlation between password strength and sensitivity of information accessed or accessible from a particular device or user,” the statement said.

Bill Man, Centrify’s chief product officer said that the survey spotlights the massive exposures that occur when devices do not comply with standard corporate security policies. “In particular, customer data represents a huge liability,” Man said. “Disclosure of regulated information such as healthcare records could expose corporations to fines and other legal action. Most importantly, there are solutions on the market today that can handily secure Apple devices without sacrificing user productivity.”

Centrify offers integrated software and cloud-based services to strengthen enterprise security by managing and securing user identities from cyberthreats. The company boasts more than 5,000 customers, including half of the Fortune 50 and over 80 federal agencies.