iPhone Mirroring may expose your personal app use to your boss
The iPhone Mirroring feature of macOS Sequoia and iOS 18 is a security risk for corporate users, as it's possible that a personal iPhone's applications will be exposed to a company's IT department.
iPhone Mirroring
The addition of iPhone Mirroring in macOS Sequoia allows users to see and interact with their iPhone display via their Mac. While this makes it easier to use the iPhone without necessarily having to handle it, it may be problematic when using a personal iPhone with a corporate Mac.
According to Sevco Security, there is a bug that can allow an employee's personal iPhone to be exposed to a corporate IT department. It's possible for an IT department to be aware of apps installed on an employee's private iPhone.
Sevco discovered that personal iOS apps were reported as installed on Mac devices. The issue is that an IT department may see apps that could be banned from corporate devices as being "installed" on a company-managed Mac or MacBook, despite only really being installed on the user's own iPhone.
Aside from games and other leisure apps, this could also expose the installation of other potentially risky apps. For example, a VPN in a country that heavily restricts Internet access, or a dating app that reveals the user's sexual orientation in a repressive country.
Fearing this could be a privacy risk, and a potential violation of privacy laws in some jurisdictions, Sevco has notified Apple about the issue and potential fixes. Sevco has also informed a number of enterprise software vendors who have common customers with the security outfit, confirming the issue isn't a one-off.
Based on conversations with Apple, Sevco expect that a patch will become available in the future.
While a fix is on the way, it is recommended that employees avoid using iPhone Mirroring with their personal iPhone on work computers. Companies should also warn employees against using iPhone Mirroring for the moment, and to identify any IT systems that collect software inventory from Macs that may be affected.
Read on AppleInsider
Comments
- I have two phones, one for work, one for home.
- I have separate Apple IDs for the work/home computers and iPhones
- My work MacBook doesn’t know my main home wi-fi password at my home; it’s relegated to the guest network
- My home iPhone doesn’t even know the guest wi-fi password at the office, strictly using cellular at work
“Forcing” the company to purchase any computing devices you need is easier to do at a large corporation than a small company, but I do agree that even in those situations, the company should provide you the tools you need to do your job.
In summary turning on iOS screen mirroring shares the Spotlight search info from that phone to Spotlight on the Mac. Spotlight on the Mac can then reveal the apps and certain personal information from the iPhone.
LOL
MDM software installed on the machine is likely already doing any/all of the below:
- Back ups of your personal documents, photos, contacts and more are likely being stored on company servers
- Your password keychain, certificates and FileVault encryption keys are being stored by the company
- The system is able to be remotely monitored, files wiped and locked down before the user has the opportunity to switch off their personal Apple account.
So the boss finding out that you've got Grindr installed on your personal phone is probably going to be low on your priority list when you realise they have all of your d--- pics.