Beginner’s guide for configuring security on Apple devices

5 min read

by Mosyle Team

@mosyle_biz

Beginner’s guide for configuring security on Apple devices

Corporate devices are becoming more common in the workplace since companies are understanding the benefits of using technology in the workplace more and more. Doing so can increase employee productivity and engagement.

Companies are also starting to adopt BYOD programs, as employees are able to bring in their own devices that they’re already comfortable using. However, whether it’s BYOD or not, using Apple devices at work comes with its own set of worries, and one of the biggest worries people have when it comes to technology at work is security.

How can corporate data be kept safe? How can employees know if their private information remains private? What can IT teams do to ensure that the best security measures are in place? Not having the correct security measures in place could create even more of a risk, and data breaches are costly. That’s why it’s important to follow security guidelines.

But which guidelines are best to follow? The Center for Internet Security (CIS) is here to help.

In this article, we’ll go over what CIS is and how you can make sure that Apple devices are configured properly. We’ll also cover how MDM streamlines this process even further.

What is the Center for Internet Security (CIS)?

The Center for Internet Security sets the global standards for IT security. The guidelines and benchmarks they share are curated by cyber experts, and are offered free to anyone who is looking to create the optimal secure digital environment. Their benchmarks can be downloaded here and are available for different OS, including macOS.

Included in the benchmarks are also different configuration profiles that explain the different levels of each configuration. For example, level 1 is for a base recommendation and level 2 is for environments where security is integral. CIS recommends applying recommendations in a test environment first.

When it comes to corporate environments, making sure that your end-users, devices and sensitive corporate information is safe can be an overwhelming task. Following these security guidelines can help you meet CIS compliance on your Mac computers.

Below are some of the areas that’s CIS suggests focusing on:

  • Installing updates
  • System preferences
  • System access
  • Identity management
  • Network configuration

Check out the rest of the topics and in-depth information about each of them here.

How to know your Mac computers are CIS compliant

As mentioned earlier, these guidelines are a great way to make sure that you’re CIS compliant and aren’t putting your end-users or devices at risk. But if you have a large fleet of Apple devices, putting these guidelines into practice is easier said than done. It’s a time-consuming yet necessary process, which is why MDM solutions have built-in features that help you apply these configurations to your devices easily.

Using an MDM solution like Mosyle Business, a software that tailors itself to your industry, gives you control over the settings that ensure CIS compliancy.

Discover the most transparent, predictable, cost-effective MDM solution for Enterprise

Don’t break your bank, estimate your savings and learn more about the plans that better fit your enterprise’s budget.

See Plans and Pricing Mosyle Business

Installing updates is one of the most important aspects of security, and it applies to both software and apps. Applying these updates means that you’re not only getting the latest features, it also means you’re getting the latest security patches from Apple.

With Mosyle Business, you can push software and app updates on all devices at once. Not installing these updates can leave Apple devices vulnerable, including employees’ personal data, so it’s important to make sure that the devices are constantly updated.

When it comes to system preferences, there are so many different configurations that CIS recommends applying which can help create a more secure environment, like changing Bluetooth discoverable settings. You can remotely change Bluetooth settings so that devices aren’t discoverable using Mosyle Business.

This prevents unauthorized users from accessing devices. You can also turn off Bluetooth entirely if it’s not needed for day-to-day tasks. CIS recommends making sure that password management is optimized. Mosyle Business offers many options for managing passwords, and has passcode policies in place such as minimum password length.

There are also certain encryption capabilities that you can configure on macOS that increases security, such as FileVault and Gatekeeper. If using FileVault, data is encrypted and secured with a password. Gatekeeper helps restrict certain unauthorized apps from launching, so make sure to enable it on your devices. You can do that on your entire fleet of Apple devices when using Mosyle Business. Make sure to check out the CIS benchmarks for macOS to learn how to best configure security and privacy settings.

CIS also recommends enabling your Firewall for an extra layer of security. Configuring this properly is integral to the safety of corporate and personal data, as is network configuration. Check out our network configuration guide for more in-depth information and tips on how best to do this.

Using corporate devices in the workplace is a big step but it can bring about a huge return on investment. Knowing how important security is means that the necessary steps should be taken to ensure that the company, people and devices are safe from a possible data breach both externally or internally. Using an MDM solution to take care of the security and privacy aspects means that a lot of those necessary steps are automated, saving you time and effort. Sign up for your free 30-day trial of Mosyle Business today!