Mac (insecurity): How to secure Macs in business

As Macs make their way into the enterprise, IT needs to address these six security flaws before disaster strikes

Macs are immune from security threats, right? It's Windows we have to worry about. That water-cooler wisdom needs to be flipped on its head, security experts and IT managers warn. Microsoft has gotten its security act together with Vista and its current security-response program; meanwhile, Apple is fast becoming the company most in need of getting its security mojo going.

Many IT and security managers who have focused on securing Windows need to turn their attention to the Mac OS, as these six Mac security flaws attest. And with Macs increasingly making their way into the enterprise, they shouldn't wait: According to a recent Yankee Group study, 80 per cent of senior managers at 700 companies had Macs in house, with 21 per cent boasting 50 or more Macs in use.

A few security holes in Mac OS X are already known, such as the unpatched ARDAgent vulnerability. But that's not where the principal Mac security threat lies. From interviews with security experts and corporate IT managers, it's clear that security concerns and potential risks are much more quotidian -- exactly the kind of bread-and-butter stuff that is easy to ignore, especially for Macs, where IT's familiarity with the Mac is slight because users have typically managed the computers themselves.

It's time for IT to figure out where the Mac's security holes are so that you can plug them before your corporate knowledge starts bubbling out. Here are the six main flaws you should focus on.

Security flaw No. 1: Update management

Across the board, IT and security folks peg patch and update management as Apple's biggest lacuna. The problem is not that Apple doesn't release security patches, bug fixes, and functionality upgrades on a continuous basis. Instead, the issue is with four flaws in Apple's update process:

  1. Unlike Microsoft's Patch Tuesday, Apple offers no predictable schedule on which critical updates are released.
  2. There's no simple rollback or uninstall provision.
  3. Many updates don't fully document the set of changes involved.
  4. Apple doesn't provide hooks for third-party software to assist in managing patch installation or rollbacks, although such software does exist. (Apple does allow configuration so that software updates are downloaded from an intranet server, however.)

"Apple just goes ahead and issues an update without anyone knowing it's coming, and no one knows what's inside it," says Rich Mogull, an independent security consultant, formerly of Gartner.

This demonstrates Apple's newness to the enterprise environment with Mac OS X, despite the operating system's many years on the market and its growing adoption rate. For single users and midsize offices, these patch policies raise few eyebrows. But for large corporations, they're insufficient.

Third-party patch management software for Mac OS X is available (such as LANrev, Bigfix, and PatchLink), but only a few of these suites are designed to manage anything other than Mac OS X -- which makes it hard to have a unified suite for Windows and Mac patch management.

The danger here is in allowing individual users to manage their patches, which could lead to systems -- especially laptops carried by mobile users -- being far out of patch compliance and, thus, vulnerable to long-fixed security holes.

