The iPhone mirroring feature in macOS Sequoia and iOS 18 is a security risk for corporate users because applications on a personal iPhone can be exposed to corporate IT departments.
With the addition of iPhone mirroring to macOS Sequoia, users can now view and control their iPhone display through their Mac. This makes it easier to use your iPhone without necessarily having to interact with it, but it can cause problems when you use your personal iPhone with your work Mac.
Sevco Security says a bug exists that could potentially expose an employee’s iPhone to a company’s IT department. Your IT department may be aware of apps installed on your employees’ personal iPhones.
Sevco has discovered that personal iOS apps are reported to be installed on Mac devices. The problem is that apps that can be banned from corporate devices are actually only installed on the user’s own iPhone, but are not listed as “installed” on a corporate-managed Mac or MacBook. ” that the IT department may determine.
Apart from games and other leisure apps, this can also lead to the installation of other potentially dangerous apps. Examples include VPNs in countries where internet access is severely restricted, and dating apps that reveal users’ sexual orientation in repressive countries.
Concerned that this poses a privacy risk and may violate privacy laws in some jurisdictions, Sevco has notified Apple of this issue and a possible fix. Sevco also notified a number of enterprise software vendors that have mutual customers with the security company, confirming that this issue is not a one-time issue.
Based on conversations with Apple, Sevco expects a patch to become available in the future.
While a fix is currently in progress, employees are encouraged not to use iPhone mirroring on their work computers with their personal iPhones. Companies should warn employees not to use iPhone mirroring for now and to identify IT systems that collect software inventory from potentially affected Macs.
