Apple @ Work: Unpacking the top mobile threats facing your Apple fleet this year

May 2, 2026 admin

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage, and protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

If you spend enough time managing Apple devices in an enterprise environment, you start to spot patterns in how security incidents happen. It is rarely a cinematic Ocean’s 11-style hack. Instead, it is usually a user delaying an iOS update for three months or an employee connecting to an open Wi-Fi network at a hotel or coffee shop. Jamf recently released its Security 360: Annual Trends Report on Mobile Devices, and the data paints a very clear picture of the vulnerabilities that IT departments are currently facing. Even in the age of AI, what’s old is new again

About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, 1000s of Macs, and 1000s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.

The OS update problem

As IT admins, we are constantly thinking about, pushing, or nagging about updates. The report highlights exactly why this is a massive liability. According to the data, 53% of organizations have at least one device with a critically outdated operating system. That means more than half of the companies surveyed have unpatched, highly exploitable vulnerabilities sitting right in their employees’ back pockets

In 2025, we saw critical vulnerabilities such as CVE-2025-31200, where processing an audio stream from a maliciously crafted media file could result in code execution. The user does not even have to tap a link; their device just processes the audio message for previewing, memory corruption occurs, and the device is compromised. If you are not enforcing OS updates through your device management platform, you are leaving the door wide open for these advanced persistent threats.

The challenge is that employees are trying to work while constantly receiving updates, which is good for infosec but can be a challenge for busy employees.

Jailbreaks and alternative marketplaces

Apple’s walled-garden approach to the App Store, since its launch, has been a massive benefit for IT security. However, as the ecosystem shifts, new risks are emerging. The report found that 1 in 850 work devices were jailbroken. When a device is jailbroken, it bypasses Apple’s security restrictions, creating a backdoor that attackers can use to access your system.

2% of organizations had devices utilizing alternative app marketplaces. While power users might love the flexibility of sideloading, it is a nightmare from a corporate data perspective. Alternative stores are not subject to the same rigorous security and privacy requirements as the official App Store, vastly increasing the risk of malicious software entering your environment. Plain and simple: In my opinion, the App Store works for the enterprise.

The network is the new perimeter

Even with the tightest device configurations in the world, your data is still at risk the moment it leaves your corporate environment. The report notes that 18% of organizations have users who connect to risky hotspots. Connecting to unsecured public Wi-Fi exposes users to Adversary-in-the-Middle attacks, in which hackers can intercept data in transit or steal session cookies.

On top of network infrastructure risks, standard web risks remain incredibly high. A staggering 25% of organizations had a user fall victim to a phishing link. Generative AI has made it easier than ever for attackers to craft convincing phishing messages that perfectly mimic services like Microsoft, Apple, and major financial institutions

9to5Mac’s take

The biggest takeaway from this data is that IT administrators cannot rely on end users to make the right security decisions. Users will connect to the airport and hotel Wi-Fi. They are going to click on convincing phishing links. They are going to ignore the software update prompt for as long as macOS will allow them

This reinforces the reality that robust device management and security tools are a core security control, not just a tool for pushing config profiles. Enforcing rapid security updates, using tools like Tailscale and Kolide to govern who can touch your data, and leveraging endpoint security to monitor device health are the only ways to proactively defend against a mobile threat landscape that is growing more challenging every quarter.

Read the full report to learn more.