How to secure Macs in the enterprise
- Article 1 of 3
- ComputerWeekly, December 2012
For many people working in IT support and security, the Mac is an 'unknown unknown'. Headlines and word-of-mouth suggest that it is both more secure than Windows, yet just as insecure; it is harder to configure, yet easier to use; it will not fit into enterprise deployments, but does not need to.
This article is intended to introduce someone new to Macs to the basics of their security in the enterprise.
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages
By default, the password for the keychain is the same as the user's account password and the user can at any point access these passwords using the Keychain Access utility in the Utilities folder in the Mac's main Applications folder.
The system security certificates, Wi-Fi log-in details and so on are only available to someone with an admin account, but if someone guesses the account password, they can access all the passwords stored in the user's keychain. To prevent this, select the log-in keychain in the Keychains panel of Keychain Access and select Change password for the keychain log in, so that it is different from the user account password.
Conclusion
There has not been enough scope here to go into depth with the full security possibilities offered through additional products, such as OS X Server, Apple Remote Desktop or Casper Suite, integration with Active Directory or options such as two-factor authentication.
However, if you follow these basics at least, your Macs should start out and remain reasonably secure.
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages