CIS8018 – Strategic information security: Research paper in current security status of Apple Inc.
Abstract
Development in information technology has gained rapid pace over the last few years. With the expansion in information technologies, more companies including government, non-government and private firms hasbuilt their dependencies towards it. On the one hand, it has proven to be a milestone in the operation and development of any firm. But on the other hand, due to various securities and vulnerabilities issues, data and information within the network are more likely to be on the edge. Thus, it is very essential to know about securing the vital information of own’s firm that is on the digital system. In general, security can be defined as “being free from danger”. In other words, security means making data and information free from any risk of being stolen, damaged or vandalized. This paper describes the current state of the Apple Company, different information security threats that the organization is facing, various steps taken by the firm to overcome the issues and suggestions for improvement.
Keywords: Information security, Threats, Data, security
Introduction
Information resources assume a basic job in continuing business accomplishment by driving advancement and opening doors for the improvement of upper hand. All things considered, protection of the confidentiality, honesty and accessibility of these data assets is a huge basic for associations, like the requirement for a suitable information security strategy in organisations to encourage data move at a between hierarchical level.
The aim of this report is to identify a strategic method for securing information and data that contributes in decision making and operation of strategic level organisation. Its goal is the organisational success. Expressively, some of the world’s biggest organisations that range from government, multinational to non-government organisation have faced quite a challenge when it comes to securing information over the digital world. By reviewing numbers of literatures, a perspective will be set that can help to overcome these security issues to all organisations. This paper will critically review on the business organisation “Apple Corporation”. Paper will include the present status of the company, security challenges faced by the company, evaluate the situations and conclusions will be drawn.
The paper will be focused on four major sections. First, we explain about Strategic Information Security by introducing Apple corporation, discussing the origin and features of the firm. Secondly, we discuss the security issues faced by the company in the past. Third, we describe the steps and measures that are taken by the company to overcome the issues. And finally, we draw conclusions and provide some suggestions and recommendations in the area.
Strategic Information Security
A pure definition of strategic information security is uncommon in information system literature. Thus, this discussion in the topic is more author-centric rather than concept-centric.
Park and Ruighaver (2008, pg. 27) define information security strategy as: “an art of deciding how to best utilize what appropriate defensive information security technologies and measures, and of deploying and applying them in a coordinated way to defence (sic) organisation’s information infrastructure(s) against internal and external threats by offering confidentiality, integrity and availability at the expense of least efforts and costs while to be effective”.
Beebe and Rao (2010, pg. 330) define information security as “the pattern or plan that integrates the organisation ‘s major IS security goals, policies, and action sequences into a cohesive whole”. The authors of this article believe that information security is a well-documented plan that matched the external cyber threatswith countermeasures to fight against it. Also, all required supporting policies and rules are included within it. A good strategy is viewed as the means to influence a company’s environment via careful selection of internal controls rather than external.
Strategic information security can be used to develop and improve the quality of the organisation. It is very essential to prevent threats to the information of the organisation. Thus, it can include wide area of study that includes surveillance, prevention, detection, deception, perimeter defence and layering. (A. Horne, C et. Al)
Data Security
Data Security simply means protecting any kinds of files, database and accounts by applying various control techniques and methods. Data security is important when it comes to important data in any business sector which helps in maintaining the smooth running of the organization. It helps to reduce possible risk related to any kind of data. The CIA triad (confidentiality, integrity, availability) is the main element in data security, which helps to maintain and protect sensitive data from unauthorized users or outsiders. To protect data, at first it is important to know the location of data, who else has access to the data and doing continuous monitoring and real time alerting (Buckbee, 2019).
Apple Inc.
Company background
Apple Company is one of the leading companies that designs, manufactures, and markets mobile communication devices and computers. Establishing in1977, it also sales various related software, services, and applications. the company’s products includeiPad, MacBook, air pods, Apple TV, Apple Watch and many more.Digital content and applications are sold via iTunes Store and hardware are sold in their own Apple stores and other wholesale, retail stores. Today, the company has its branches all over the world. It designs and develops its own operating system, hardware, software and services. The Company sells directly to consumers, small and large businesses, enterprises and government organizations.
The Company also employs a variety of indirect distribution channels, such as third-party cellular network carriers, wholesalers, retailers and resellers. During 2018, the Company’s net sales through its direct and indirect distribution channels accounted for 29% and 71%, respectively, of total net sales. (Apple Annual report, 2019)
Apple’s current security status
Apple, being one of the companies renowned for its quality product and service, maintains a strong degree of control over the security of its software and products, compared to other platforms. Greater security is the base behind the design of the vast software ecosystem. Currently Apple acquire two operating systems (iOS and Mac OS X). As both operating systems are based on a similar framework, it is likely that an attack on one of the operating systems might affect the other.
The “walled garden”
While shipping Apple Mac computers Mac OS X preinstalled, and hardware and operating system are marketed as a sole set. Since 2006, Mac OS X permits users to create a dual boot system which means the computer can also run Windows operating system. On other hand, Mac OS cannot be installed or run-in other computers. As Mac OS is only developed by Apple Corporation, Google Android stands as main rival as it is an open-source platform which means it may be used by any developer.
This “walled garden” method started with the introduction of the first iPhone. Originally, iOS did not authorise the installation of third-party apps. But, in 2008, the company released an iOS Software Development Kit (SDK) for other developers. This introduced the capability to connect third-party apps.
The App Store
App Store is a single location from where the users can install the apps. Within it the third-party apps could be installed by creating its own distribution platform. But to be able to order and install any app listed on the App store, it should be first verified by Apple. To bypass the restriction, the users can jailbreak the iOS devices which enable them to take the benefit of privilege escalation vulnerabilities to get to root access. This may enable users to install a wide range of apps in their Apple devices, but on other hand the user may install some malware packaged as a genuine app that increases the security risk. Over time, there are vase number of such issues where pirated games that are distributed via unofficial market often contain malware that put the information security on the edge. (O’Brien, 2016)
Security breaches
Apple plans and operates a high level of security within its system and products. Despite high security procedures and very sophisticated security level, many attacks have happened at times.
“Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 percent of global smartphone shipments and 7.5 percent of global PC shipments. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing malware designed to infect devices running Mac OS X or iOS.” (O’Brien, 2016)
In September 2015, one of the most serious breaches in the system occurred. It affected the App Store and a lot of costs for the company. It was found that a huge number of Trojanized iOS apps were being presented in the App Store. It was also found that those malicious apps were developed using Xcode. Xcode is an Apple’s software development tool for its operating system.
In October 2015, around 256 apps were removed from the App store. It was found that an advertising SDK was sending the users’ personal information and device information without user’s knowledge. Some information that was sent was a list of apps installed in the device, serial number of iPhones and apple devices, list of hardware components that the app was running, Apple ID and email addresses of the user and so on.
In November 2014, malware was used to vandalize the Mac OS applications using Trojan Viruses. It was believed that around 467 applications on App Store were vandalized. Those apps were downloaded exceeding 30000 times. A similar trick was also used by Hacking group to contaminate its target.
Some of the Mac OSX malwares are Adware, Butterfly: Corporate espionage attacks, WireLurker, SearchProtect, Sudoprint, Genieo, RSPlug etc. some of the IOS malwares can be identify as KeyRaider, Xagent, Oneclickfraud, passrobber and others.
Apple System Integrity Protection
Apple applies and updates its operating systems and the security of the software and services over time. Also, with each upgrades of the services, the system integrity protection has also been improved. During September 2015, Apple release new OS X 10.11 El Captain. This newly released OS security has tightened in the form of system integrity Protection. Some of the poor design and software have been updated and improved. Initially, there was unlimited access to all parts of the system to the root account. This was originally as Unix-based OS was released. This new OS removes this process that not only improves the system integrity but also improves the level of protection. There have been many changes in the system integrity protection. Some of them are listed below:
- File system protections: initially, system location can be written to by the root account. This process was illuminated and instead, Apple’s code-signing identity is required to modify the files. Apple designated locations to third party developers, thus, apps now must be written in those locations.
- Runtime protections: Tertiary apps and developers can no longer attach themselves to Apple’s system processes. Now, only Apple Installer can modify the system binaries from company provided packages. Thus, the third-party apps can no longer ne set up into Apple’s system.
- Kernel extensions: Kernel extensions now must have an Apple Developer certificate to be able to get System Integrity Protection. It can also be enabled if needed. However, to be able to perform the act, the user needs to boot the OS recovery partition and then execute the command.
Gatekeeper
While the walled garden approach is most created in the iOS commercial center, Apple has consistently expanded the degree of security around what can be introduced on PCs running Mac OS X. Presented in September 2012 as an update to OS X 10.7 “Lion”, Gatekeeper is an element that permits Mac OS X clients to consequently obstruct the opening of utilizations from untrusted sources. Watchman furnishes the client with three choices. The main will just allow applications that have been downloaded from the Mac App Store to be opened. The subsequent choice, which has been the default since OS X 10.8 “Mountain Lion”, just allows the opening of applications that have either been downloaded from the Mac App Store or from engineers who have gotten an exceptional Developer ID from Apple and use it to carefully sign their applications. The third choice allows the client to run applications paying little heed to their beginning. This successfully implies Gatekeeper has been killed. Notwithstanding when this setting has been chosen, Gatekeeper will even know square applications that have been marked with a Developer ID, however have been modified or altered after they were agreed upon. Guardian allows a client to supersede its settings by right tapping on the application and opening it from the setting menu. The client will be given expeditious notice, giving the decision to open the application or drop the activity. While Gatekeeper furnishes the client with impressive extension for bypassing its security highlights, directors can secure PCs to keep this from occurring. Guard can counteract conceivably malevolent applications from running on Mac OS X Page 8 The Apple risk scene a head secret key. Selecting to abrogate Gatekeeper on a case-by-case premise likewise requires managerial benefits. It ought to be noticed that Gatekeeper just screens applications downloaded from the web.
Apple ID security
The Apple ID is a qualification used to sign into a wide scope of Apple services, including the iTunes Store, the App Store, iCloud, and iWork. Given that the certification gives access to such a scope of administration, it isn’t astonishing that it has pulled in the consideration of assailants, bringing about battles including the robbery of Apple IDs. A taken Apple ID and secret word can be utilized to buy music, films, or programming, with the proprietor’s instalment card charged for the buys. They can likewise be utilized to get individual data, for example, documents and photographs sponsored up in iCloud. The most prominent Apple ID episode happened during August 2014, when several private photographs having a place with famous people were discharged on the web. The aggressors were accepted to have gotten to the open figures’ Apple certifications, taking any photographs that the unfortunate casualties may have sponsored up on iCloud. Following theory that iCloud may have been undermined, Apple has said that it has discovered no proof of a break in any of its frameworks including iCloud or Find my iPhone. The organization inferred that the hole was the consequence of phishing, “a very focused on assault on client names, passwords and security questions, a training that has turned into very regular on the web”. Following the break, Apple moved to relieve protection concerns. In an announcement distributed on the Apple site, CEO Tim Cook said that security and protection were basic to the plan of Apple items and administrations. “Two-advance confirmation, which we urge every one of our clients to use, notwithstanding securing your Apple ID account data, presently likewise ensures the majority of the information you store and stays up with the latest with iCloud,” Cook said. Apple likewise moved to counter animal power assaults against iCloud accounts after a proof-of-idea assault instrument called iDict was discharged on GitHub. The device’s creator said it could sidestep account lockout confinements and optional confirmation on any Apple account. Apple quickly upheld rate restriction for login endeavors, for example, those created utilizing iDict.
Protection
Both Symantec and Norton contributions give a hearty arrangement of protection advances for PCs running Apple OS X. These include Network-based protection innovations: filtering system traffic entering and leaving a PC running OS X, these advances, can reproduce application layer conventions on the fly to help searching for indications of malevolent action contained inside and obstruct as fitting. This gives the capacity to conventionally square endeavours at misusing known vulnerabilities. Document based assurance innovations: the customary record-based antivirus (AV) motors utilize a lot of identification advances to sweep documents searching for malevolent substance contained inside. Included are continuous filtering abilities to screen all document creation and alteration exercises to distinguish the primary indications of malignant movement.
New threats
Although still little as far as by and large malware numbers, the quantity of new Mac OS X dangers found every year is drifting upwards. The expansion in dangers focusing on Mac clients may, to some extent, be driven by the developing fame of Apple stages. For instance, Mac OS X’s piece of the pie presently remains at 8 percent, practically twofold what it was seven years back. Proceeding with development for Apple will imply that a more prominent extent of aggressors will quit seeing the organization’s work area OS as a specialty market and start focusing on it more frequently. A developing number of cybercriminals, corporate surveillance gatherings and state-supported insight tasks have started focusing on Apple clients with malware intended to keep running on Mac OS X.
As far back as 2011, master Mac OS X malware creation toolboxes were starting to be grown, for example, the Weyland-Yutani BOT tool stash, accepted to be the first to focus on the stage. Extent of adware, and undesirable and deceiving application location contrasted and malware recognitions. The Apple risk scene Ransomware has introduced a noteworthy danger as of late, yet aggressors have, until this point, to a great extent concentrated on Windows clients. Macintoshes have every so often been focused with ransomware as program-based dangers. There have been occurrences of malignant sites focusing on Safari for Mac clients, with JavaScript making the program show constant pop-ups educating the client that the FBI had “bolted” Safari as it was utilized to see illicit substance. (O’Brien, 2016)
Conclusion and recommendation
The success of Apple devices has generated increased interest among attackers, as a growing number of malicious actors are developing threats for Apple platforms. Despite of high security procedures and very sophisticated security level, many attacks have happened at times. Apple, being one of the companies renowned for its quality product and service, maintains a strong degree of control over the security of its software and products, compared to other platforms. Apple is developing numerous products with an increase in technological development and similarly increasing security mechanism from unauthorised access and protecting from future threats.
Although apple has strong privacy, security level, there are still hackers and attackers that try to get access to personal information of the users. With continuous development in technology, security mechanisms also need to be increased to a high level. Maintain improved privacy and security features that are designed for all sectors. Strict policies and procedures should be implemented to protect from unauthorized access from such attackers.
References
Anon, (2019). [ebook] Washington, D.C. 20549: UNITED STATES SECURITIES AND EXCHANGE COMMISSION. Available at: http://www.annualreports.com/HostedData/AnnualReports/PDF/NASDAQ_AAPL_2018.pdf [Accessed 27 Aug. 2019].
Beebe, N.L., and Rao, V.S. 2009. “Examination of Organizational Information Security Strategy: A Pilot Study,” AMCIS 2009 Proceedings.
Beebe, N.L., and Rao, V.S. 2010. “Improving Organizational Information Security Strategy Via MesoLevel Application of Situational Crime Prevention to the Risk Management Process,” Communications of the Association for Information Systems (26:17), pp 329-358.
Buckbee, M., 2019. Data security: Definition, Explanation and Guide. Available at: https://www.varonis.com/blog/data-security/
Horne, C., Ahmad, A. and B. Maynard, S. (2019). Information Security Strategy in Organisations: Review, Discussion and Future Research Directions. [online] Arxiv.org. Available at: https://arxiv.org/ftp/arxiv/papers/1606/1606.03528.pdf [Accessed 1 Sep. 2019].
O’Brien, D. (2016). SECURITY RESPONSE: The Apple threat landscape. [Blog] Available at: https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/apple-threat-landscape.pdf [Accessed 27 Aug. 2019].
Park, S., and Ruighaver, T. 2008. “Strategic Approach to Information Security in Organizations,” ICISS. International Conference on Information Science and Security, 2008: IEEE, pp. 26-31.
