Security has been the single biggest IT-related issue of the past year. There have been a number of high profile security breaches and malware attacks that have had users and companies wondering just how safe their data really is online. Characteristically, Mac users have been quick to scoff at their PC-using colleagues because they believe that their systems are safe. Events from the past summer have told a different story.
While Apple’s operating system, OS X, has never been ‘free’ from viruses and other malware, past infections pretty much had to be purposefully introduced into the computers, and Macs have been largely regarded as being immune to the somewhat random and widespread malware and hacking attempts that PC users deal with on a day to day basis. That perception changed this past summer with a number of events that brought the security of Apple’s platform into question.
Should we worry?
If you use OS X in your company, or even at home, security should be one of your primary concerns. While many of the recent malware attacks geared towards OS X users weren’t massive – roughly 600,000 Macs were infected by the Flashback attack in April – it’s the sophistication of these recent attacks that has security experts alarmed.
Traditional malware was usually created to do one thing, be it crashing a computer or stealing information. Many of these new attacks have multiple goals, such as installing backdoors, keyloggers and rootkits that hide all of the above from the user. This then allows the criminal to access your system whenever they want and gives them the ability to track every keystroke you make, which in turn means they could steal your information. Apply this at the company level and you have a serious issue from which it could be nearly impossible to recover.
Is there anything we can do?
As with nearly any problem, potential or otherwise, there is always something you can do. One of the first things you should do is to establish an ‘Allowed Programs’ list with programs that employees are allowed to download. If it’s not on the list, it shouldn’t be downloaded.
If you work with a Managed Service Provider (MSP), it’s best to not let your employees install updates by themselves. Instead, contact your Provider to get them to do a system-wide update. That way, you can be sure that the update is vetted and that every user can benefit from it.
Many Mac users don’t take basic security steps like installing a virus scanner, and keeping it updated and running regular scans. You should have a virus scanners installed on every system. Popular name brands like Norton and Kaspersky are available for Macs.
For an easy solution, consider working with an MSP like Providence who looks after your systems for you. This serves two purposes, the first being that you don’t have to worry about the security of your systems, and the second being that if there is a problem, we know how to fix it.