The Stack Archive

Getting to the core of Apple Mac security

Mon 8 Feb 2016

Mac laptop

steve-kellySteve Kelly, President, Intego & Flextivity, argues that companies are becoming more knowledgeable about Mac vulnerability and suggests ways to successfully defend against Mac malware…

Apple continues to see the Mac’s popularity rise amongst consumers and businesses. The company’s worldwide shipments increased 1.5% in Q3 2015 compared to the year before. Unfortunately, a result of this growth is that Macs are becoming a more appealing target for hackers and cyber criminals.

The commonly held viewpoint that Mac OS X users are immune to attacks is fading in the average business. IT departments are becoming more knowledgeable about how Macs are vulnerable, rather than discussing whether Mac malware even exists. It certainly does exist and with a number of high-profile security breaches in the news this year, businesses are beginning to give Mac users the attention they deserve.

Company and client data is a critical asset and strong IT defences are vital to ensuring data is protected. Installing anti-malware software is no longer the only step to take – threats have become more sophisticated, pervasive and from a wide range of sources.

One particularly eloquent quote from James Comey, FBI Director summarised the situation well. Speaking about state-sponsored hacking, he famously said in 2014, There are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.”

This highlights a key concern for businesses. Quite often, at the heart of every successful attack is an employee who has made a mistake or made a poor online security choice. IT departments should guide Mac users through the threat landscape and help employees bolster their own knowledge.

Defending against malware

The first step to meeting this objective is to identify a security tool to protect Mac users, but also one that equips the IT department with the necessary insight they need to know which staff need extra assistance and support.

That said, even with a competent security platform, there are a number of other vulnerabilities that Mac and Windows users are at risk from.

Weaknesses found in Internet browsers and business applications can be used to gain access to the network and steal data. Keeping software updated is important to help protect against vulnerabilities.

It sounds simple, but software updates sometimes get deferred in favour of other IT tasks. Updates only take a few minutes to install and often include critical security patches, so prioritising updates as soon as they are available is essential. Inform employees of their importance to ensure they keep software on work devices, including Macs, updated.

It is also crucial employees understand why they should create complex, unique passwords. Businesses should develop and enforce a password policy for employees. The policy should require everyone to change their passwords regularly. If employees are reluctant to remember another process, suggest using a password manager. Files can also be encrypted on Macs by turning on File Vault, which is another strong layer of defence.

For all businesses, whether they use Macs or not, security is now a major IT challenge. Mac security has evolved over the years and threats continue to grow, however businesses now have access to a range of OS X specific tools to help prevent security incidents. Knowledge, awareness and utilising monitoring technology is one of the most effective ways to defend against hackers.


Apple feature hacking security
Send us a correction about this article Send us a news tip