Macs under attack?

It's arguable that the recent Flashback Trojan episode has been the tipping point when it comes to changing the face of the Mac security threatscape. But who is targeting OS X and iOS devices, how are they doing it and should the average business user be worried? Davey Winder investigates...

The expert's view

Whilst it is true that Apple's operating systems are reasonably secure, iOS particularly so, they are by no means invulnerable.

Users and administrators should be encouraged to take sensible steps to attempt to mitigate any risks, such as only opening email attachments from recognised sources, not simply entering admin details and clicking OK but reading the contents of the dialog asking for admin details and asking themselves if this is something that they were expecting

Bill Gallop, Mac Consultants Manager at Insight UK

Advertisement - Article continues below

"It's probably going to require a rethinking of the centralised management approach and the concept of internal and external networks. New security policies will have to be redesigned to provide protection also for/from non-managed devices," Mador reckons.

Si Kellow, security consultant and CSO at Proact added: "What our under-thanked security manager needs before he starts to deploy technical controls, is a written policy that permits the use of iStuff. This should also set out the corporate position on who is responsible for the upkeep and maintenance of iStuff, and whether any technical controls will need to be deployed in order for the user to make use of iStuff".

What steps should the enterprise take to ensure that Macs and iPads are safe?

Advertisement
Advertisement - Article continues below

"For Mac laptops, the same basic rules apply as for any other laptop: keep the patches current, ensure updates for any third-party software are installed promptly, and enforce robust local security on the device in the form of strong passwords and remote access permissions. Apple has a lot of great remote-management features, such as Desktop Sharing and network bridging, which are easy to turn on and use, so administrators should make themselves familiar with those features and choose consciously whether or not to permit their use. The single most important goal is to have as much uniformity of policy across platforms as possible, because if one platform has an advantage' it will be the one favoured and that advantage will likely accelerate the discovery of weaknesses and exploits. Separating out the security configuration from the usability issues is a challenge, but it's not a new one; administrators have had to manage large populations of Windows laptops running multiple versions at the same time for many years now, so the lessons are similar" - BT's Global Head of Business Continuity, Security & Governance, Jeff Schmidt.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

3 Aug 2020