Chuck Leaver – Don’t Risk Your Enterprise Security By Not Checking Mac Computers

Written By Roark Pollock And Presented By Chuck Leaver


Got Macs? That’s fine. I own one too. Have you locked your Macs down? If you haven’t, your enterprise has a potentially serious security weak point.

It’s a misconception that Macintosh computers are inherently secure and do not need to be protected against malware or hacking. Many believe Macs are more secure than Windows desktops and laptops because of the design of the Unix-based kernel. Certainly, we see fewer security patches released for macOS by Apple than for Windows by Microsoft.

Fewer security flaws does not mean zero flaws. And safer does not mean 100% safe.

Some Mac Vulnerability Examples

Take, for example, the macOS 10.13.3 update, issued on January 23, 2018, for the current versions of the Mac’s operating system. Like most current computers running Intel processors, the Mac was vulnerable to the Meltdown flaw, which meant that malicious applications might be able to read kernel memory.

Apple had to patch this flaw – as well as many others.

For instance, another flaw might allow malicious audio files to execute arbitrary code, which might compromise the system’s security. Apple had to patch it.

A kernel flaw meant that a malicious application might be able to execute arbitrary code with kernel privileges, giving cyber criminals access to anything on the device. Apple had to patch the kernel.

A flaw in the WebKit library meant that processing maliciously crafted web content might lead to arbitrary code execution. Apple had to patch WebKit.

Another flaw meant that processing a maliciously crafted text message might lead to application denial of service, freezing the system. Whoops. Apple had to patch that flaw too.

Don’t Make the Same Mistakes as Consumers

Lots of consumers, believing all the talk about how great macOS is, choose to run without security software, relying on macOS and its built-in application firewall to block all manner of bad code. Bad news: there’s no integrated antivirus or anti-malware, and the firewall can only do so much. And lots of businesses prefer to ignore macOS when it comes to visibility for posture monitoring and hardening, and for threat detection and threat hunting.

Consumers often make these assumptions because they do not know any better. IT and security professionals should never make the same mistakes – we should know better.

If a Mac user installs bad software, adds a malicious browser extension, opens a bad e-mail attachment, or clicks a phishing link or a malicious advertisement, their device is compromised – just like a Windows machine. Within the enterprise, however, we have to be prepared to handle these issues, even on Macs.

What To Do?

What exactly do you need to do?

– Install antivirus and anti-malware on corporate Mac computers – or any Mac that has access to your company’s content, servers, or networks.
– Track the state of Macs, just as you would with Windows devices.
– Be proactive in applying patches and fixes to Mac computers, again, just as with Windows.

You should also remove from your corporate environment any Mac computers that are old and cannot run the current version of macOS. That’s a lot of them, because Apple is good at supporting old hardware. Here is Apple’s list of Mac models that can run macOS 10.13:

– MacBook (Late 2009 or newer).
– MacBook Pro (Mid 2010 or newer).
– MacBook Air (Late 2010 or newer).
– Mac mini (Mid 2010 or newer).
– iMac (Late 2009 or newer).
– Mac Pro (Mid 2010 or newer).

When the next version of macOS comes out, some of your older computers might fall off the list. They should drop off your inventory too.
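The tracking, patching and retirement steps above can be run as one pass over an asset inventory. The following is an added example, not part of the original article: the record fields, host names and sample inventory are constructed, and treating 10.13.3 (the update cited earlier) as the minimum patch level is an assumption for illustration.

```python
import re

# Oldest model per family that can run macOS 10.13, copied from the list above.
MIN_MODEL = {
    "MacBook": "Late 2009", "MacBook Pro": "Mid 2010", "MacBook Air": "Late 2010",
    "Mac mini": "Mid 2010", "iMac": "Late 2009", "Mac Pro": "Mid 2010",
}
SEASON = {"early": 0, "mid": 1, "late": 2}
PATCHED = (10, 13, 3)  # assumed baseline: the January 23, 2018 update

def release_key(label):
    """'Mid 2010' -> (2010, 1). A bare year sorts as Early so it fails closed."""
    m = re.fullmatch(r"(?:(early|mid|late)\s+)?(\d{4})", label.strip().lower())
    if not m:
        raise ValueError(f"unrecognised release label: {label!r}")
    return int(m.group(2)), SEASON[m.group(1) or "early"]

def version_tuple(v):
    parts = [int(p) for p in v.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def audit(record):
    """Return 'review', 'retire', 'patch' or 'ok' for one inventory record."""
    family = record["family"]
    if family not in MIN_MODEL:
        return "review"   # not on the list: needs a human decision
    if release_key(record["model"]) < release_key(MIN_MODEL[family]):
        return "retire"   # hardware cannot run macOS 10.13
    if version_tuple(record["os"]) < PATCHED:
        return "patch"    # supported hardware, outdated OS
    return "ok"

# Constructed sample inventory (hypothetical hosts).
INVENTORY = [
    {"host": "mac-001", "family": "MacBook Pro", "model": "Mid 2009", "os": "10.11.6"},
    {"host": "mac-002", "family": "MacBook Air", "model": "Mid 2010", "os": "10.12.6"},
    {"host": "mac-003", "family": "iMac", "model": "Late 2009", "os": "10.13.2"},
    {"host": "mac-004", "family": "Mac mini", "model": "Late 2014", "os": "10.13.3"},
    {"host": "mac-005", "family": "Xserve", "model": "Early 2009", "os": "10.11"},
]

def report(inventory=INVENTORY):
    return {r["host"]: audit(r) for r in inventory}

if __name__ == "__main__":
    for host, verdict in report().items():
        print(host, verdict)
```

When a new macOS release changes the supported-hardware list, only `MIN_MODEL` and `PATCHED` need updating.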

Ziften’s Perspective

At Ziften, with our Zenith security platform, we work hard to maintain visibility and security feature parity between Windows systems, macOS systems, and Linux-based systems.

In fact, we have partnered with Microsoft to integrate our Zenith security platform with Microsoft Windows Defender Advanced Threat Protection (ATP) for macOS and Linux monitoring and threat detection and response. The integration enables customers to detect, view, investigate, and respond to advanced cyber-attacks on macOS machines (as well as Windows and Linux-based endpoints) directly within the Microsoft WDATP Management Console.

From our viewpoint, it has always been important to give your security teams confidence that every desktop and notebook endpoint is protected – and hence, the enterprise is protected.

It may be hard to believe, but 91% of businesses say they have some Mac computers. If those Macs aren’t protected, and properly integrated into your endpoint security systems, the enterprise is not protected. It’s just that simple.