Supporting Macs in the enterprise: Eliminating malware

In spite of their marketing message, Apple knows that their computers need to be protected from malware. Don't be caught unawares! Make sure your Macs are set for the day the big one hits.

In spite of its marketing message, Apple knows that its computers need to be protected from malware. Don't be caught unaware! Make sure your Macs are set for the day the big one hits.


Joe and I are of like minds this week, thinking about client security. While I have been following the discussion of Windows anti-spyware solutions with interest, my post for this week is going in a different direction. I have been considering the security of Apple computers.

Last week, it came to the attention of tech journalists that on their corporate Web site Apple recommends that users of their computers employ anti-virus software. There seemed to be a significant amount of glee on display as the pundits pointed out that this stance seems to contradict Apple's own marketing message, which claims their computers are not troubled by viruses and other malware.

Apple is right that there are fewer pieces of malware directed at Macs. That is simply a case of numbers working in their favor, though. There are fewer Macs in the world than Windows machines, so Apple computers are not too profitable as targets. More Apple machines are rolling out all the time, however, and as support pros we have a responsibility to make sure that the systems under our charge are protected, regardless of what operating system they run. There may not be as many security software packages for Macs as there are for Windows machines, but thankfully there are some quality options available.


As last week's news highlighted, even Apple recommends anti-virus software, and I've always installed AV packages on the Macs on our corporate network. I was never really worried about a serious infection on our Apple systems, I mostly just wanted to make sure that they did not pick up a macro virus or serve as a vector for PC-based infections. Apple-compatible virus software has come a long way in the last several years. Security software vendors have worked to get some Mac development expertise in-house, so their products work much better than they used to.

For a long time, my big gripe was that there was no Mac-compatible AV solution that offered centralized management tools. That problem has been rectified by companies like McAfee, Sophos and Intego; all these players offer AV packages compatible with enterprise management software that can monitor the installed clients on your network. (McAfee and Sophos' admin consoles will manage Windows, Linux, and Mac clients, but the management tools have to be installed on Windows. Intego is a Mac software developer, so their admin console runs on Mac OS X.)

Another welcome development in Mac anti-virus software is the appearance of "dual protection" bundles. Since Apple supports booting into Windows on their hardware, a couple of companies have started selling AV protection for both MacOS and Windows in the same box. Symantec has one of these packages, but Intego made it first to market with theirs. I think that these bundles are a great idea for those customers who want the support and assurance that come with commercial AV products. Two for one! How can you beat that?

For the budget-conscious office (show me one that isn't), ClamXav is a free anti-virus solution for Macs that I can recommend. It's a no-frills product, but it works well for detecting infected files. (One caveat: ClamXav won't repair infected files. For that you'll want a commercial AV program.) ClamXav is grounded in an open-source project, and definitions are published daily.


While most AV products offered for Macs claim some protection against spyware and adware, the truth is there just are not many examples of these kinds of exploits in the wild targeting Apple computers. That explains why there are so few dedicated spyware removal tools for MacOS: there is just not the same market as exists with Windows.

If there is one thing my experience with Windows spyware has taught me, though, it pays to have more than one removal tool in your kit. Thankfully, there is an alternative to having to use two full security suites on your Apple machines. I recommend looking at SecureMac's MacScan. MacScan is designed to detect and remove spyware specifically, and it's reasonably priced. It can serve as a good complement to your existing security package, especially if you're going to use ClamXav and its more bare-bones virus protection.

Good habits

As I have mentioned previously, I firmly believe that the best way to protect a computer is by making sure that users are trained and understand what kinds of behavior will put their system at risk. This is just as true for Apple computers as it is for Windows machines. Apple may have been able to escape the attention of serious malware developers to a point, but it is irresponsible to assume that fortune will last forever. When there is a real threat, good habits and good security tools will make sure that the Macs you support will be protected.

Editor's Picks