Quantcast
Subscribe to magazine
You are not logged in, click here to log in.
Up to Discussions in Mac IT and Security
1 Replies Last post: Aug 7, 2008 10:51 AM by Quietus_Prime  
Click to view lantzn's profile Member
lantzn
333 posts since
Mar 30, 2001
Reply

Jul 2, 2008 12:18 PM

Beware the Coming of the Mac!!!

Man this is infuriating. Let's spread the FUD now so the policies to ban Macs will prevent the growth.

http://www.internetnews.com/security/article.php/3756576/Beware+the+Coming+of+the+Mac.htm

Beware the Coming of the Mac
As users sneak Apple Macs into the enterprise infrastructure, IT needs to keep an eye peeled for hackers; on the other hand, corporate management may clamp down hard.

July 2, 2008
By Richard Adhikari: More stories by this author:
Corporate IT staff had better prepare for a headache as the number of Apple Macs in the enterprise grows.

Over the past two years or so, users have increasingly brought the Mac into the enterprise.

However, IT staff are not prepared to deal with Apple (NASDAQ: AAPL) Macs, either from a management or a security perspective, as the overwhelming majority of desktops in the enterprise are Microsoft (NASDAQ: MSFT) Windows boxes.

Now, they will have to change. "IT will now have to address a universal security policy instead of a Windows security policy," Lumension Security's Director of Solutions and Strategy Don Leatham told InternetNews.com.

Where previously Chief Security Officers only had to worry about Windows desktops when putting together enterprise security policies, now they "have to include Mac and Linux desktops, USB devices, iPods, iPhones and other personal smartphones and smart PDAs (define) that are actually small laptops," Leatham said.

Hackers will also begin turning their attention toward the Mac. The Mac has benefited from the concept of security through obscurity, Leatham said, explaining that hackers target the most widely-used operating systems for maximum effectiveness and that Windows' predominance made it the prime target.

"It's a numbers game, just like marketing," he explained.

Now, Macs are becoming more attractive as they are beginning to "sit in privileged access locations in corporations, and are not just for personal use," Qualys Chief Technology Officer Wolfgang Kandek told InternetNews.com.

"More and more IT people and security teams are going for the Mac for personal use because they see it as a more secure platform than Windows," Phillips said.

At IANS' last forum, held in Dallas over two days in June, "Ten to 15 percent of the users had Mac laptops, the most we've ever seen in the seven years we've held these forums," Phillips said.

The Mac operating system is based on Unix, so there won't be too many kernel-level hacks or problems at the low end of the operating system, but the "newer, higher levels" of the Mac operating system "probably still need to be tested" to see how many vulnerabilities exist in them, Leatham said.

Also, while the Mac will come under heavier attack now, it still lacks some applications that create security holes. "There are some things like Outlook on the Windows side that aren't even available on the Mac," Bob O'Donnell, program vice president in IDC's clients and displays program, told InternetNews.com.

There are very, very few Macs in the enterprise, O'Donnell said, although the numbers are growing, so "enterprise IT isn't sure what to do with Macs."

There are security and system tools in the market that work on Windows and Macs which will help IT manage Macs in the enterprise. Lumension offers Patchlink Scan, a vulnerability scanner, and Patchlink Update, a remediation tool, both of which work on Windows, the Mac, Linux and Unix.

Qualys offers QualysGuard, which conducts security evaluations through the network to find and identify nodes on it. This works with the Mac and "helps IT departments enforce security with the same functionality you have in Windows," Kandek said.

What happened, and where things are going

Macs are gaining ground in the enterprise because there's "a perfect storm of consumer convergence," Leatham said.

"There's the iPhone and iPod, Web 2.0, Internet messaging, Twitter, all sorts of different vehicles which are to a certain degree valid mechanisms to do business, especially by the younger generation, and 20-year-olds who see Macs as tools, not as toys," he explained.

Together, these will challenge the hold enterprise IT has on IT in the business place.

The Mac's penetration of the enterprise is being helped by Windows Vista's unattractiveness to corporations.

"The relatively slow enterprise adoption of Vista due to its graphics requirements and application compatibility issues makes the Mac all the more attractive because it's being compared to Windows XP, a pretty old system design," Internet Research Group analyst Peter Christy told InternetNews.com.

The user-driven adoption of Macs in the enterprise is not going to last, IANS' Phillips said.

"Personal preferences will peak for now, but ultimately IT's insistence on a PC or Windows environment will win out," he said.

In the short term, enterprises will turn to vendors and ask for help, but "ultimately, management will tell users that they must abide by corporate policies, not personal policies, when they come to work."
Reply
Click to view Quietus_Prime's profile Member
Quietus_Prime
105 posts since
Jan 13, 2002
1. Aug 7, 2008 10:51 AM in response to: lantzn
Re: Beware the Coming of the Mac!!!

lantzn,

I just finished reading the article. I must confess, I disagree with pretty much everything. One thing that is true is:


"ultimately, management will tell users that they must abide by corporate policies, not personal policies, when they come to work."

IT departments must be able to properly set the policies as to what type of platforms, software, PDA's, etc are allowed in the corporate network. This will make sure that, no matter what equipment they purchase for their users, the corporate environment will always be managed and homogeneous. Once this is achieved, IT departments can concentrate on all the security issues that arise.

One thing that I will say with respect of some Mac users (I will get a lot of angry responses here but it needs to be said though), is that they try to push for whatever they think is best for them and not for the larger corporate environment. Their desire to please themselves and be different is so pervasive that they are willing to bring their own unsecured systems and connect them to the larger network and pretend that there are no penalties for that because they are Mac users. I completely disagree with the attitude because instead of making people aware of the different choices, they just breed resentment and anger. Mac users ( and PC users for that matter) need to understand corporate networks have rules and regulations that need to be enforced. If they do not like the rules, then they just have to get a new job where rules are not enforced and/or relaxed (I challenge anyone to show me a corporation that is not serious enough about its rules and regulations when it comes down to IT infrastructures.)

On the other hand, IT departments need to be aware of what other departments needs are and cater to them. If a department head says to IT that in order to properly achieve optimum employee performance in their corporate related tasks is a Macintosh computer, they so be it. IT needs to then evaluate the systems and create the standard images so that the system can be re-imaged quickly if needed be. Additionally, if IT knows that they will be introducing Macintoshes to their environments, then they need to properly train its technicians on cross-platform issues. If they are hiring new personnel, they have to insist they are cross-platform trained.

As far as security goes, it takes the same effort to properly secure Windows as it takes to secure Mac OS X. Most of the time the simplest way to secure a desktop is to not give users admin rights to their computers. From there, Mac OS X can be fully integrated to the Active Directory infrastructure so users will get some of the privileges inherited from a common back-end infrastructure. Additionally, the software installed in systems (PCs and Macs) need to be strictly controlled by IT and approved by the heads of each corporate departments.

The bottom line is: the article incorrectly implies that Macs are just a fad and cater to those who wnat a prettier computer. If an IT department is so narrow minded about the needs of the different departments and put the IT needs first then IT leaders sohuld be fired on the spot for not putting the corporate needs ahead of their own comfort.

Martin

Reply

Actions

More Like This

Macworld powered by Jive Software's Clearspace ® -1.10.1 (Version: {3}) - Submit product feedback
© Jive Software