GoKawiilApple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage, and protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
If you spend enough time managing Apple devices in an enterprise environment, you start to spot patterns in how security incidents happen. It is rarely a cinematic Ocean’s 11-style hack. Instead, it is usually a user delaying an iOS update for three months or an employee connecting to an open Wi-Fi network at a hotel or coffee shop. Jamf recently released its Security 360: Annual Trends Report on Mobile Devices, and the data paints a very clear picture of the vulnerabilities that IT departments are currently facing. Even in the age of AI, what’s old is new again
About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, 1000s of Macs, and 1000s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.
As IT admins, we are constantly thinking about, pushing, or nagging about updates. The report highlights exactly why this is a massive liability. According to the data, 53% of organizations have at least one device with a critically outdated operating system. That means more than half of the companies surveyed have unpatched, highly exploitable vulnerabilities sitting right in their employees’ back pockets
In 2025, we saw critical vulnerabilities such as CVE-2025-31200, where processing an audio stream from a maliciously crafted media file could result in code execution. The user does not even have to tap a link; their device just processes the audio message for previewing, memory corruption occurs, and the device is compromised. If you are not enforcing OS updates through your device management platform, you are leaving the door wide open for these advanced persistent threats.
The challenge is that employees are trying to work while constantly receiving updates, which is good for infosec but can be a challenge for busy employees.
Jailbreaks and alternative marketplaces
Apple’s walled-garden approach to the App Store, since its launch, has been a massive benefit for IT security. However, as the ecosystem shifts, new risks are emerging. The report found that 1 in 850 work devices were jailbroken. When a device is jailbroken, it bypasses Apple’s security restrictions, creating a backdoor that attackers can use to access your system.
2% of organizations had devices utilizing alternative app marketplaces. While power users might love the flexibility of sideloading, it is a nightmare from a corporate data perspective. Alternative stores are not subject to the same rigorous security and privacy requirements as the official App Store, vastly increasing the risk of malicious software entering your environment. Plain and simple: In my opinion, the App Store works for the enterprise.
The network is the new perimeter
... continue reading