Contact Us




Change Locale

6 Things Every Smart IT Manager Knows About Mac Security

Client Computing | Posted on September 17, 2013 by Joseph Byer

Many people believe the Mac® is more secure than PCs, and that hackers don’t waste time on them. Forrester has even reported that a Mac is “more secure than a Windows machine,” as “historically there have been relatively few intrusions on a Mac.”

However, the Mac has become commonplace in the enterprise and 50% of businesses now issue them to employees. This means the Mac is becoming an attractive target.

According to a Kaspersky Security Bulletin, the main reason why cyber-criminals are targeting the Mac is because “Apple® products are popular with many influential politicians and prominent businessmen, and the information stored in the devices owned by these people is of interest to a certain category of cyber-criminal”.

While Mac OS X® has strong built-in security features, there are six specific things smart IT managers already do to protect their organizations from breaches and data loss – without investing in expensive security solutions to get started.

1. Use Mobile Device Management

Your security is closely tied to how well you manage your Macs. For example, many IT professionals want to apply their Windows group policies to Macs. While this is possible, it’s not ideal, as you’ll need complex patches or expensive third-party tools to make it work.

Instead, look at your existing policies and apply them to Macs using mobile device management (MDM). If you already use MDM, this will make things easier for you, as Mac users may self-provision services through MDM. If you are not using MDM, bringing Macs into your organization provides you with an opportunity to revisit your old policies and update them for today’s workplace.

2. Don’t Overlook Your Mac

Although IT departments should manage every system on their corporate networks, many fail to include the Mac in their managed fleets. This oversight may lead to breaches and data loss.

Use Network Access Control (NAC) to protect all of your systems. NAC allows you to place Macs in a restrictive VLAN where you provide them with Internet, email and virtualization. If your Macs get compromised, your other systems will remain secure.

Macs, like PCs, also need a strong encryption solution. While FileVault 2 is great for consumers, it’s not ideal for enterprises. Instead, use an enterprise-level security solution such as Sophos or McAfee. Since Macs and PCs are prone to theft and loss, full disk encryption will also help to prevent data loss if a Mac in your fleet goes missing.

3. Install Anti-Malware Protection

PDF and Java exploits are among the most common malware attacks. After all, everyone opens PDFs and uses Java. While there have been no documented cases to Apple of a PDF Malware attack, there was a Java exploit that has been documented. This does raise concerns around possible security exploits. Installing an antivirus software package is a good option to use to help prevent hackers from stealing your passwords and data.

4. Secure your company’s Macs by turning off AirDrop.

This feature is built into Mac OS X and allows users to see all Mac users that are connected to the network – even secure networks. Although this makes it easier for Mac users to share files, it also makes it easy for corporate data to become compromised. Instead of AirDrop®, give Mac users a more secure way to share files.

5. Restrict access to iCloud.

Since iCloud® is a consumer-based cloud service, it doesn’t have the proper security features to keep your business data safe. Blocking access to iCloud helps control data leakage and loss.

6. Integrate OS X with Active Directory.

This will give IT better visibility into all of Mac users on the network, and enforce authentication and password policies. For more information, download the Apple white paper, “Best Practices for Integrating OS X with Active Directory”.

Many of the steps you should take secure Macs are the same steps you must take to protect PCs. Also be sure to check out the “How to Decide if Your Organization is Apple-Ready” infographic and see how prepared your organization is to handle the realities of Macs in the enterprise.

Apple, the Apple logo, AirDrop, OS X, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. iCloud is a service mark of Apple Inc., registered in the U.S. and other countries.

Related Articles

Client Computing | July 22, 2019 by Susana Byun

Here are your top 5 must-read announcements from Microsoft this month:

Client Computing | June 13, 2019 by Susana Byun

Here are our 9 must-read topics from Microsoft on June 2019:

Client Computing | May 15, 2019 by Susana Byun

Here are our 9 must-read topics from Microsoft on May 2019: