Apple offers devs two useful enterprise security tools | #macos | #macsecurity | #cybersecurity | #infosecurity | #hacker



Two sessions I attended at last week’s Worldwide Developer Conference (WWDC) — the Managed Device Attestation and Secure Endpoint sessions — highlight the company’s commitment to delivering increased capabilities for security tools. While both were naturally oriented more to developers of device management and security solutions than to end users or IT admins, some of the additional capabilities developers will be able to build into enterprise tools are noteworthy.

Managed Device Attestation

Let’s start with Managed Device Attestation, a new capability that helps ensure servers and services (on-premise or in the cloud) only respond to legitimate requests for access to resources.

The use of cloud services and the deployment of mobile devices both grew in tandem (and exponentially) during the past 10 years, which changed the enterprise security ballpark significantly. A decade or so ago, having strong security at the network perimeter coupled with VPN and similar secure remote access tools was the primary way of securing a network — and all enterprise information.

Security today, though, is much more complex. Many resources live outside the corporate network entirely, and that means trust evaluation has to occur across a broad range of local, remote, and cloud services. This typically encompasses multiple providers and each needs to be able to establish that the users and devices connecting to them are legitimate; that goes well beyond simple authentication and authorization.

Today, services rely on user identity, device identity, location, connectivity, date and time, and device management state to determine whether requests for access are valid. Services can use any or all of these criteria, and most — including MDM solutions — can use these criteria when granting or denying access.

Depending on the sensitivity of the data, simple user authentication may be enough for a given security posture or it may be prudent to rely on all of these criteria before granting access, particularly for sensitive or administrative systems.

Copyright © 2022 IDG Communications, Inc.



Original Source link

Leave a Reply

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW