Something i’ve known for awhile…”Beware of Macs in enterprise, security consultants say”

I’ve long preached about the false sense of security Mac users have and how this assumption that they do not need to consider security could end up with users being compromised. Certainly as user acceptance grows and Apple gains market share, this would only increase. Other factors to consider is the lack of enforcement and policies you can use in the enterprise to control what users can access. What I’m referring to is Windows Server Group Policies and the recently created group policy preferences, which are very powerful and easy to use in enterprise environments. There is a way to control software installs on OSX, however it was recently discovered that the proprietary authentication method used “DHX” is trivial to override. This could lead to malware being pushed to users and the rapid deployment of this software could lead to disaster. Furthermore this issue could allow someone to gain all the passwords for Macs in the network. pretty scary stuff.

 

Read the following article on the register for more details: http://www.theregister.co.uk/2011/08/08/mac_security_risk/

Anyways, the takeaway should be “no system is secure”, and you should keep up on your patch management, avoid storing passwords on systems (yes this means you) and remember, “security is not something you can buy. It is something you must continually strive to achieve.”