Software

Mac users increasingly susceptible to security threats

Consultant Erik Eckel advises enterprise Mac administrators to focus more on security practices such as timely patching and user training due to the increasing number of threats to Mac systems.

Most every IT department knows the security risks e-mail and the Internet pose, and most take considerable steps to lock down vulnerable Windows systems. Enterprise Mac administrators need to take precautions against users accidentally or purposefully introducing malware via e-mail or Internet use, too. Just because Macs aren't subject to the same number or intensity of self-replicating viruses and worms doesn't mean they aren't vulnerable to security holes or privacy concerns that can place corporate data or financial information at risk.

Although viruses, spyware, Trojans, worms and other threats typically target the Windows platform, Macs still face vulnerabilities and threats. Security analysis by Secunia, reported in July in its Half Year Report 2010, reveals Apple ranks first in the number of reported vulnerabilities. Secunia notes that the majority of attacks (approximately 80 percent) result from remote sources and further comments that there is "no security without updating."

Enterprise administrators, justifiably fearing introducing incompatibilities or other issues, typically test many security updates and patches prior to deployment in production environments. That takes time, time in which Mac users remain vulnerable to a serious security threats.

Education is the best defense against social engineering, phishing and similar attacks that often target e-mail for propagation. Further, these vulnerabilities frequently plague Web users, as well. Infected sites change almost hourly. But Mac users, many likely to feel safer using Apple's Safari over Microsoft's Internet Explorer Web browser, aren't totally safe, either.

By ensuring users understand e-mail systems and Internet services are to be used only for business purposes, and that sensitive, proprietary or confidential information should never be shared via e-mail or insecure Web sites, administrators can better protect their organization's networks, systems and data. Policies offer the opportunity to do just that. Should problems arise, written policies also provide HR staff with necessary documentation to build a case for disciplining a troubled staff member, justifying a written write-up or even terminating a habitual offender.

Paper-based policies may appear inconsequential or just a paper exercise, at least on first look, to IT professionals favoring hardened networks. But formal e-mail and Internet usage-policies offer a wonderful complement to automated systems that sometimes prove imperfect.

The first goal should be to educate users. That's as true for Windows organizations as it is for a Mac outfit. Mac users benefit when official policies and procedures are clearly explained in writing. As hard as it is for some IT professionals to believe, many users simply become overwhelmed when trying to make heads or tales of phishing attacks and social engineering efforts. Training is the key, and a good policy is the first step in ensuring all users at least hear a consistent message of what constitutes acceptable or proper use of an organization's IT infrastructure.

Susan Hansche, when a CISSP working as a senior manager for Troy Systems, wrote "employees are the single, most important asset in protecting the IT system." Writing a chapter for The Auerbach Press' The Privacy Papers, she added "users who are aware of good security practices can ensure that information remains safe and available."

Don't get lulled into a false sense of security. Mac users, just like everyone else, need basic instruction as to best business practices when it comes to using e-mail and the Internet. Policies offer an excellent method of communicating acceptable behavior. Even if the systems and software Mac users use are more secure, organizations can only benefit by ensuring users understand the associated risks and are instructed as to best practices for avoiding trouble.

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

23 comments
Jaqui
Jaqui

since most Mac users think there is no malware for their systems. they forget / don't know that rootkits are designed to breach for privilege escalation, which is part of the built in security of all the Unix and Unix like [ might as well just use posix, since the only main os that isn't covered by it is MS. ] operating systems.

jorge.cordero
jorge.cordero

There is a world of differences between Mac and Windows security. Of course, you need "common sense" in every person of your staff. Everybody can be scammed, no matter what computer system you use.

QAonCall
QAonCall

The article is entitled: Mac users increasingly susceptible to security threats It goes on to point out in detail, and links to details of how the attack vector for MAC, and others, has changed, links to referenced information, and basically reviews the findings. Where were you/we mislead?

Vulpinemac
Vulpinemac

At the moment, there is only one real threat, and that's to the user, not the machine. It's very difficult to protect a user from phishing, no matter what platform he uses. And phishing attacks are getting better all the time. If the user doesn't pay attention to what he's looking at, he only makes himself more vulnerable. This has absolutely nothing to do with security software, since, as I said, it's almost impossible to block.

QAonCall
QAonCall

What the article stated. The article summarized an ongoing security analysis that has been done for years, and this is the first time that the MAC platform has the most opportunities for attack. MOST security vulnerabilities (as pointed out by the article) are from 3rd party software, and not direct OS based attacks. I am completely missing your point, if there was one other than saying it isn't true. If you read the report, your statement has been true since 'years back'( at least before 2005 according to this report, but certainly before then) OS compromise, at the OS level will almost always require physical access. Once something is plugged into a network, or then extends that network via that connection, the attack vector expands. The report confirms that. The author wrote that. Platform independent. The difference is, primary due to the distribution methods and software apple supports on it's base OS, they now have the highest attack vector, and the author points out in the enterprise this is more relevant than before.

deanmoncaster
deanmoncaster

I was only told yesterday by a mac person that they dont need security software because there are no viruses.....i laughed and said "that is a real mac belief".

NexS
NexS

That makes me hate the world. But instead, I try and look to the winter with a warm smile and a gracious hand. Only to slap them and be on my merry way.

santeewelding
santeewelding

Like, prick training. In addition to welding services, I offer consulting in both relative and absolute disambiguation -- guaranteed prick.

NexS
NexS

Such skills as forced research practice.

NexS
NexS

"Half Year Report 2010, reveals Apple ranks first in the number of reported vulnerabilities." This has made my day.

j-mccurdy
j-mccurdy

Mac users are safer from malware, for now but, that's because they don't have legions of very smart and extremely motivated people, who are sitting in front of a computer all night long, working diligently. Trying to do bad things to Macs, Yet. But if they keep getting more popular, it will happen, and the Mac people can go on believing that they don't get infected because it's just physically impossible. But that will be their undoing. When enough really smart people get motivated and learn that OS thoroughly, and think outside the box, as in doing things differently, and not trying to make windows type malware for a Mac. They will figure it out. I just don't think anything is impervious. It's been happening since the beginning of recorded history. Everything that has been thought to be invulnerable, has been proven to be. But right now there doesn't seem to be large numbers of Mac hackers. I just find it odd, that Mac fan boys think this has nothing to do with it, and that they are only safe because it just isn't physically possible to make malware for OSX. By the way I don't have problems with malware or hacking. most of the problems people have, they bring upon themselves. I know every time I have had problems in the past, I did something stupid. But I learned the do's and dont's years ago. And I try to educate my customers but, so many of them just don't get it.

Vulpinemac
Vulpinemac

While I don't disagree with the article in general, the [i]threat[/i] is still far smaller for OS X than Windows. However, phishing is universal.

Slayer_
Slayer_

Which is safer.... A tank driving through a war zone with everyone shooting at it. Or a bicycle and rider riding through a war zone but no one is shooting at him.

Slayer_
Slayer_

To me that sounds more like my old Windows 95 example, by MacOS standards Windows 95 is crazy secure online, there is almost no viruses in the wild attacking windows 95. Only a direct targeted attack will (just like a Mac)

djdawson
djdawson

To make this analogy more accurate, they're shooting bullets that only affect tanks and not bicycles. In this case the guy on the bike *is* safer than the guy in the tank.

Slayer_
Slayer_

That would be more accurate in many cases.

AnsuGisalas
AnsuGisalas

No, I'm still on the no-rum diety. Although I am a sucker for that Conund brand. I check for "teh" and "dna" - type errors, but phlet/pleth substitutions slip through more easily.

NexS
NexS

That analogy. It is now my favourite. Ever.

santeewelding
santeewelding

That's the second transposition I've seen today from you. Have you gone off the wagon and taken to rum?

AnsuGisalas
AnsuGisalas

A guy on a bicycle, who thinks he's riding in a tank. Seeing as how they don't know yet what it means to have a phletora of known vulnerabilities under their hood.

Slayer_
Slayer_

I said they aren't shooting at you, they are still shooting. your just the guy going through the middle hoping not to get hit. Again, a Tank getting directly shot at, and hoping it doesn't find a vulnerable spot and blow your ass away. Or a rider on a bicycle hoping no one notices how vulnerable you are.

Vulpinemac
Vulpinemac

If nobody's shooting, there's no war. In other words, a very bad analogy. Care to try again?

Editor's Picks