PCs

Do businesses need antivirus on their Macs?

Erik Eckel answers the question: Do Macs need additional antivirus and malware protection?

Long the debate has raged: do Macs need antivirus? The technical, politically correct answer is yes, business Mac users should load antivirus software. Apple officially began recommending Mac users to load antivirus as far back as 2002. Today Apple's website publicly encourages Mac antivirus adoption, too:

Security Advice

The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.

That said, I've loaded antivirus on Macs exactly twice, and both times because the client specifically requested the additional security software be loaded on their Mac OS X systems. Often, Mac antivirus might simply be overkill.

A tighter architecture

Mac OS X runs on UNIX. The underlying code base is inherently more secure. It's more difficult to hack. That's not to say it can't be done; it can. But cracking UNIX security is more difficult than some other operating systems. As Apple states, "Mac OS X doesn't get PC viruses."

Sandboxing is built in

Macs also boast built-in sandboxing, a security-conscious environment in which applications and processes are separated. Mac OS X restricts the actions programs can execute. Mac OS X ‘s sandboxing technique also restricts file access and program execution. The result is a more secure system less vulnerable to malware infection and exploitation.

Additional guidelines

Apple lists numerous security recommendations on its website. Its online Mac OS 10.6 Help page states that users should "run an antivirus program if you find any suspicious files or applications, or if you notice any suspicious behavior on your computer."

To help protect systems, Apple also recommends Mac users avoid downloading or installing unlicensed or pirated software, accept applications only from known and trusted sources, disable unnecessary root accounts and remove unneeded administrative permissions from commonly used everyday user accounts. With such good security habits in place, it's unlikely a third-party antivirus application is required. But when sensitive information is in question, or when patient data is at risk, best business practices require that businesses load and maintain professional antimalware software, regardless whether the computers in use are Windows-, Linux- or UNIX-powered.

Many Mac antimalware choices

A few years ago, there weren't that many prominent software manufacturers producing antimalware software for the Mac. Now almost every antivirus provider, including Symantec/Norton, Eset, Intego, Bit Defender and Avast, produce Mac-specific antimalware platforms.

Many choices exist. Unfortunately the debate is seemingly no longer whether Macs require antivirus, but which platform to load. That is, if Mac enthusiasts are subscribing to the technical, politically correct answer. Which, knowing Mac personalities, most are likely not buying.

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

45 comments
rsantuci
rsantuci

If they are connected to a network that has access to any credit card holder data then the answer is YES. It is a PCI requirement.

CherryGarcia
CherryGarcia

95% of all infections I see are caused by Malware not viruses. If there were still viruses open in the wild than how can I sit safely in a large airport, library, coffee shop sitting elbow to elbow with dozens of possibly infected computers and not get sick? Back in the day when working on a LAN/WAN Windows had a lot of holes in it. That is not true today. If you have a fully patched Windows XP or better Operating System you have a better chance of hitting a hole in one on the moon than catching a virus.

CherryGarcia
CherryGarcia

Having only read your headlines I stand by my statement and fully endorse it to my customers. I'm basically teaching my customer how not to get infected. It is not that difficult to teach them how to avoid problematic links and sites by using the status bar in your Web browser. 1. Teach your customer how to use the status bar. If you hover over a link and it is encrypted or invisible than don't visit that site. Is it really that important? 2. When you log into any site check for https: and the root address. paypal.com is not the same as paypal.us.com. 3. Never click in the body of a pop-up. No means Yes, and can activate a malware download. Always close popups with the Window X or from the tray. 3. If the file is persistent and can't be closed disconnect the network and reboot. (This rarely happens) 4. Never install any registry, security or firewall software. 5. If they don't believe me I will install SuperAntiSpyware for manual scan only and let them run that once a week. It is nothing but a cookie cleaner because they just don't get infected. Scouts honor.

eduardo01usa
eduardo01usa

Yes Every cumputer must be protected if it's part of a network- PC or MAC, it doesn't matter and at the same time we have to apply security policies to prevent misuse of the equipment from employees.

Shallowbane
Shallowbane

I have realized that Mac user's are in a generalization 'oblivious'. No not every Mac user is this way, but it is a large amount. There is in fact, less infections, however Mac users tend to interpret that as a stronger security system. That is false. Mac OS has a lot less of an audience and a lot less programmers coding for and against it. Malware used to capture secure password's and retrieve information want to target as many people as quick as it can. So, the obvious target becomes Windows users. Regardless, Both Mac OS and Windows OS have viruses and a lot of them at all. Keep your computers clean, install AV's. When you do get infected, and you will, you compromise not only your data but anyone you have data about on your computer. (This includes your email contacts) Don't be THAT guy.

blaisdr
blaisdr

I once had an HP It had norton anti virus installed from the start ! I let run out And there I started to get Spam , a couple Trojan Horse ! After a long while I decided to wipe the Hard Drive and reinstall XP without All Norton And it worked for a long time after that day

Justin James
Justin James

Removed because previous post magically re-appeared... J.Ja

Justin James
Justin James

There are now DIY malware kits for Macs out there: http://www.zdnet.com/blog/bott/coming-soon-to-a-mac-near-you-serious-malware/3212?tag=content;selector-blogs Oh, look, there's scareware out for OS X too, reported on just yesterday: http://www.zdnet.com/blog/security/new-mac-os-x-scareware-delivered-through-blackhat-seo/8614 This is hardly "news", these things have been happening forever. The amount of malware on OS X is much, much smaller than for Windows of course. And the OS X architecture is better. But anyone who acts like OS X is invincible or malware does not exist for it is woefully ignorant of such matters. Meanwhile, the underlying OS is less and less of the attack vector... it's the APPLICATIONS. The applications for Macs like Acrobat, Chrome, Safari, and Office are written by the same people who write the vulnerable versions on Windows. In fact, if you pay attention, nearly every patch for Office on Windows has a corresponding, identical patch for Office on Mac! Furthermore, as someone who runs a FreeBSD server, I subscribe to their security mailing list. Guess what? They discover (and fix) security vulnerabilities on a regular basis. So does Apple. Obviously, OS X is *not* impervious. I'm not a big fan of A/V apps in general, and I think that user education is the most effective tool in the fight. But I'm a realist too, and I know that pretending that malware doesn't exist on any given platform, or that it is totally mitigated by OS design, is patently false. Edited to remove statements which a re-read of the article showed were not fair criticisms of the original post. J.Ja

bboyd
bboyd

Monkey virus my brother somehow got on my mac boot disks. Mac virii for a long time now.

JamesRL
JamesRL

I was heavily involved in the anti-virus field on the Mac in the 90s, and although there were fewer threats than with Windows, they still existed, and we still had infections. I may grant that OS X is a more secure environment than previous Mac OS because of the Unix base, but that doesn't mean it isn't vulnerable. In a perfect world you wouldn't need anti-virus because your employees won't go to places they shouldn't, but this isn't a perfect world.

derek
derek

It is amazing to me how many of our clients are moving to Macs because some starry-eyed Apple store groupie told them that they would never have the problems of pc if they just change. Even some of my co-workers thought that until my boss had to bring his mac in to get viruses cleared off. I agree with many of the sentiments here: -Keep telling people that there is no viruses, and the rest of the world of hackers will drop what they are doing to change that for you. -Notice there are no more Apple vs PC commercials touting immunity? I wonder why that is. -Like the fandango incident last your about identity lock.... put your ssn out there and someone is prove to you that they can gain access.... same said, keep touting that Apple is the most secure.... etc -Finally, I am not a pc guy or a mac guy.... it is still technology made by men and it is falliable, nothing is error free ever.... it is just part of the game... you can either close your eyes to it and pretend your not going to get into the security conglomerate, or you can acknowledge like any educated technology user - just because your resisting it, does not mean it is not out there... and dreaming will not make it go away.

ringo karma
ringo karma

Not using security software on a Mac is like living in a good neighborhood and never locking your door. Someday you're going to be sorry. Check out Sophos Anti-virus free version for home users. I'm surprised the article did not mention it. Symantec/Norton is resource heavy in a PC environment, it's probably similar in a Mac. The only virus I ever had on a PC I got while ESET was guarding my door. I'm not going to trust my 2 Macs to ESET. For my 2 PC's I now use Emsisoft, my Macs are guarded by Sophos free. With Emsisoft and Sophos I feel like I not only lock my doors while sleeping or away from home, I have a couple of Dobermans sitting just inside the doors patiently waiting to do their Doberman-thing to any and all intruders.

DSG7
DSG7

There is a lot to be said about antivirus on Macs versus PCs, and I'd get into a rant if I had the time. I would say that Macs need antivirus, simply because of the fact people appear so indifferent toward it - that attitude would likely inspire someone to write an innocuous program that people won't notice, and consequently wouldn't report to antivirus organisations because they don't believe they're vulnerable/don't have antivirus that can detect and alert anyone for them. An analogy; a lockup in a dodgy part of town would be recognised as a potential place to get burgled, so you'd lock it up tight with several padlocks and alarms, and you'd know to look for signs of burglary attempts. A garden shed in a gated community in a high-class part of town wouldn't be as thoroughly secured, and wouldn't get monitored as much, due to the perceived security ("its a gated community, you're in a good area, you won't get burgled"), but it can still get broken into. With the lack of security, you might not even know you've been burgled until its too late.

Steve-McClune
Steve-McClune

Macs can still pass PC viruses on to others via email, Word documents etc. Be a responsible person and protect your Mac with the free AV tools so you don't cripple some else.

jp-dutch
jp-dutch

I'm not sure about Erik Eckel's credentials... A laptop with Mac OS X and Safari was very quickly cracked in recent Pwn2Own contests: http://en.wikipedia.org/wiki/Pwn2Own Furthermore: Mac users still have to wait on techniques like EDP (Execution of Data Prevention) and ASLR (Address space layout randomization). They have been circumvented in this contest, but that took very ingenious work. Also botnets of Macs are offered on the black market for spammers. So please keep telling us this nice stories that Macs are so secure. Unfortunately they have little to do with reality... Capice?

kalliste
kalliste

My work includes fixing random laptop problems in a large user base (of students). I have seen multiple Macbooks where installation of Sophos a/v has identified trojans in the Java file hierarchy and the removal of these appeared to fix the issues being experienced (problems with network connection and web browsers). Clearly, from my observation, there are Mac viruses and they are out in the wild causing difficulty for computer users. As Bruce Schneier says, "Attacks always get better; they never get worse."

tchopard
tchopard

Everyone should know this by now... /sarcasm -TChopard

Jaqui
Jaqui

that like the antivirus / adware / spyware tools for the other unixx / unix-like systems, the mac versions only scan for WINDOWS malware. they don't actually protect the system they are on. [ other than rootkit detection software ]

CherryGarcia
CherryGarcia

I have been preaching that expensive anti-virus is snake oil and not necessary even in the PC world if you know what to avoid. If you are duped by Facebook apps, flashy pop-ups, misstyped URLs than go ahead and protect yourself. At the first sign of a malware pop up or download disconnect your connection and start over. I have been running Windows XP and 7 for many years now without any security software and am still virus free. Educate the user on what to avoid and their systems will run 30% faster without all that bloat.

AnsuGisalas
AnsuGisalas

Viruses are malware. Your song is getting a bit screechy, you know.

AnsuGisalas
AnsuGisalas

It happens all the time. Then, when the crackers get into the trusted sites they fill them with drive-by-activating malware, and then your users don't stand a chance. They won't even think "why is my connection so slow now?", because they think following your _idiotic/magical advice will keep them safe. But then, you only read headlines, so what am I talking to you for?

AnsuGisalas
AnsuGisalas

Not good AV, at least. Bad AV is worse than nothing.

cerewa
cerewa

Certainly FreeBSD gets security fixes. But FreeBSD botnets do not exist (see above regarding OSX botnets). So is it true that FreeBSD security fixes basically fall into the realm of "we fixed this because someone, someday, maybe, would have figured out how to gain control of a system through this flaw"? Or is it more like, "we fixed this because JohnDoe figured out that if he exploits this and takes these steps, he gains control of a FreeBSD system"?

Bob G Beechey
Bob G Beechey

Yje plural of "virus" is "viruses". "virii" is bad English and utterly appalling Latin. Bob

JamesRL
JamesRL

I remember it well. I was using a Mac at a place that rented time on them - back when laser printers were thousands of dollars. I was finishing up some graphics work for a client, and just getting ready to print when at noon, a message came up and took over the screen and locked it up. I had to reboot without saving and lost an hours editing. But I think the point was that Apple has made OS X more secure, and some people have been lulled into thinking that anti-virus isn't needed anymore. They are wrong. http://en.wikipedia.org/wiki/MacMag

Vulpinemac
Vulpinemac

First, I have to question the 'viruses' that Mac needed to have cleared off; exactly what were they and what were they doing to the machine? Second, as yet there are NO viruses extant against the Mac, though there are Trojans allowing other malware to sneak in against less-aware users. As yet, such infected machines total about 0.02% of all Macs currently in use. Third, since Apple has effectively dropped all the Mac vs PC commercials, it seems quite obvious that such commercials no longer exist--doesn't mean they aren't still advertising the Mac's and OS X's better security. After all, even after 10 years of OS X there have only been four semi-viable attacks so far and all of them required a trojan to break into the machine. Fourth, that wasn't a Fandango incident, though you are correct that it was cracked--it didn't stop him from maintaining that his system offered better protection than what most people use to protect their identities--which is nothing. I don't doubt that people are striving to create a viable attack vector against Apple's OS X, but so far the only ones who are succeeding are paid researchers--everyone else seems to be hitting a brick--or at least wooden--wall. Finally, I don't believe anyone here has honestly said an AV isn't at least suggested--except when they're being sarcastic. In fact, I've suggested four different ones myself in this forum, at least one of which is free. And the ones I've suggested check for both OS X and, if desired, Windows malware.

Vulpinemac
Vulpinemac

... By pushing just one AV, you only make it the bigger target for malware developers to bypass, leaving users open. We've already seen how easily malware developers bypassed Symantic and McAfee in Windows--actually managing to disable them entirely without the users' knowledge; a broader selection offers a better chance of blocking targeted malware.

splait1
splait1

However, Mac users might if they forward an email. The Mac OS can't run Windows code, so the spread of any malware has to be done through forwarded emails.

Jaqui
Jaqui

until those tools also protect the system they are installed on. you can do the right thing and install an operating system not as likely to get infested. [ linux, *BSD ... ] your choice to run lower quality os, YOUR responsibility to protect yourself. or go complain to the anti malware software companies that their products don't protect ALL operating systems, and don't run on ALL operating systems.

Vulpinemac
Vulpinemac

... you might like to know that only 60,000 Macs were in the largest one--a mere 0.02% of all Macs in operation--and that they were compromised by using cracked expensive applications as their trojan horse. Out of over 150 million Macs in use, only 60 thousand? Compare that to the hundreds of millions of Windows machines in botnets around the world and I truly believe your view of reality is--well... distorted?

Vulpinemac
Vulpinemac

Believe it or not, most OS X AVs scan for OS X infections and seem to do a more intensive job of it. Unlike most Windows AVs, a manual scan doesn't take just a few minutes, but literally checks each file looking for things that don't belong. Most, now include checking for Windows viruses as an option. In some ways a user may think that Mac AVs aren't as good because they take longer to run their scans, but when you watch how they work you can see that their scans are more comprehensive in nature. They do work to protect the system they're on.

T3CHN0M4NC3R
T3CHN0M4NC3R

Only techies or tech pros would know all this. End users who barely care about all these will need a software to settle all these problems that they ignorantly don't care. All they care is that they need to get things done without any problems. Have you ever educate any corporate senior managers about what you preached and successful at it? Well, I failed.

AnsuGisalas
AnsuGisalas

Sure. But why go for expensive crap when there's good, free AV programs that are definitely worth the money? Good AV doesn't even take up a lot of processing power anymore. Besides, you could be rootkitted up to your eyeballs and never know it... which explains why I've been receiving spam from you for the last couple of years! (Just kidding, :p)

jbcomp
jbcomp

like this. his answer is to once a month format and reinstall. That might be ok for grandma who reads her email a couple of times a month.

Vulpinemac
Vulpinemac

The average user doesn't have your knowledge. The average user will do what they want to and may or may not remember to use ad-block technologies. Even when your browser has settings for blocking pop-ups, pop-unders may still get through and may not have an obvious closure button. Even when somebody does know what they're doing, a virus can get through without their knowledge depending on how it's designed to work. Today's attacks tend to depend on the ignorance and/or greed of the users rather than the stealthy worms that used to run in the past. AVs and AMs help to block what gets past the user but the user is still the first line of defense as you've so clearly pointed out. When the user doesn't know (or care to know) what he's looking at, then software has to try to do it for him. In an enterprise environment especially, the company can't rely on their users paying attention to security on top of all their other responsibilities. Far safer to add that software line of defense

CharlieSpencer
CharlieSpencer

The same people who ignore 'Check Engine' lights and still had 12:00 blinking on the VCR when they threw it away? The same ones who ride without seat belts or helmets? Good luck with that.

tchopard
tchopard

So, you put ad block on every browser on every computer in a company setting? What about viruses that propagate through thumbdrives, worms, or such basic files as office files? By the way, if you aren't running any security software, then how do you know you're "still virus free" and not root-kitted or part of a botnet??? Also what do you mean by "disconnect and start over". Do you mean format? That's a little bit extreme don't you think? God I hope your day job does not include IT. -TChopard

Vulpinemac
Vulpinemac

... not all malware are viruses--not even a significant fraction. As CherryGarcia pointed out, there are very, very few real viruses in operation any more.

AnsuGisalas
AnsuGisalas

On the other hand, it's good to keep in mind that things can change. And there's nothing in the world more enticing to the bad guys than something that's widely believed to be secure, but isn't. And let's face it, when the biggest vulnerability is sitting one foot in front of the screen - no hardware is truly secure. Cracked, expensive software... it's not as fast as a worm, but it's tailored for that BIG vulnerability, Mr. User - or among friends "Mr. You, Sir!"

Jaqui
Jaqui

I'm mac free because I can't stand the UI. and windows free also. so no idea how mac av works. but the commercially available av products that WILL run on linux, only scan for windows viruses, so it's likely they only to that on macos as well. [ read fine print of what they are looking for it the documentation of symantec and mcaffee and every other AV app that makes an "enterprise" version which will run on linux, they only scan for windows virus infestations. ]

AnsuGisalas
AnsuGisalas

We're all vulnerable. The people who think they're not are the ones with the botnet's hand up their backsides... and I mean like a sock-puppet, not like a rectal exam.

Vulpinemac
Vulpinemac

... but your logic seems to fail when you reiterate the same argument even after I tell you otherwise. Just because you think it's so for OS X doesn't make it so. Linux is not UNIX.

CharlieSpencer
CharlieSpencer

I'd rather have the exam. It's easier to remove the offending insertion, which wasn't intended to remain there anyway.

Editor's Picks