Apple’s new Mountain Lion OS X operating system, due this summer, introduces a new Gatekeeper feature designed to protect against malware infections. The security enhancement itself is fairly straightforward, but expect the impact on businesses to prove significant.

Simple but effective

Mountain Lion’s Gatekeeper adds new security settings to OS X’s Security & Privacy options. Specifically, Gatekeeper adds three radio buttons to the Security & Privacy preferences.

Mountain Lion adds new application control refinements for Mac users.

The options enable one of three actions: downloading applications only from the Mac store; downloading applications only from the Mac store and identified developers; or downloading applications from any source. Because Apple developers first vet applications downloaded from the Mac store, and because these applications contain critical unique identifying information encrypted within the app, Mountain Lion’s system helps ensure apps don’t contain malicious code and haven’t been altered or corrupted by third parties.

Assuming Mountain Lion ships with the second option as the default (Allow applications downloaded from Mac App Store and identified developers), Macs deployed in businesses will possess built-in protection designed to protect well-meaning users from accidentally installing corrupt software. Only vetted apps and software produced by known developers will prove installable (although users will be able to bypass these settings, when necessary, by depressing the Control key when downloading and installing a new app. Note: Until Mountain Lion Server is available to test, it’s unclear whether admins will be able to lock down this workaround option.)

Widespread consensus

Security experts agree the new antimalware enhancement will prove effective. Based on years of providing technology expertise to hundreds of commercial clients, I’m a believer, too. While Gatekeeper alone isn’t foolproof (users can selectively bypass the built-in protection or even choose the allow any option), I’ve seen many infections are introduced by users inadvertently downloading the wrong application, staff installing programs they incorrectly believe are required, or clients blindly following prompts.

Gatekeeper’s download filter — which leverages Apple’s Mac Store control, administration and distribution capabilities — is a powerful yet simple technology that will prevent users from downloading incorrect apps or programs from the wrong developer. As a result, so many of the malware infections that make their way to business systems can be blocked by default. Whether businesses like the idea of Apple vetting the apps distributed through the App store or not, the Gatekeeper introduction is a brilliant and non-intrusive security strategy that will provide yet another level of protection for businesses that deploy the new OS.

What is your first impression of what Gatekeeper will bring in the way of extra security?