Apple iTunes – Addressing The Necessary Risk
With the advent of the iPod, and more recently the iPhone…the presence of Apple applications in the enterprise is continuing to expand. The challenge…how to address the vulnerability risk that these devices present. At the center of it all is iTunes…one of the most widely used applications in the world. It’s the primary delivery vehicle for the music used by the iPod, but also the connection and update vehicle for the iPhone. However, this application carries with it a good deal of risk if left unchecked!
There are many organizations today that rely solely on Microsoft to perform the critical function of patch management. Who better…? Well…Microsoft does a good job of addressing any risks that may apply to their new applications, but what about their older OS’s and applications, and more importantly…the non-Microsoft applications that you will find in most any environment. This is where the challenge resides! Without technology to accurate assess the presence of iTunes, and more importantly…whether it’s patch appropriately is critical.
So, the questions you have to ask yourself are as follows:
1) Do you have any users in your environment using iTunes?
2) If you do, are you aware of their current patch as it relates to iTunes?
3) Additionally, if you are currently using Microsoft WSUS to patch exclusively, and have discovered the presence of iTunes – how will you address any potential vulnerability related risks.
If you struggled with any of these questions…don’t feel bad, you’re not alone!! To address this issue, and certainly the risks associated with the presence of other non-Microsoft related applications, you’ll need a tool that enables you to scan for and remediate these types of risks.
Dave Eike
Shavlik Technologies