Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Teleconferences
Join CIO Executive Council members and participate in the following live teleconferences:
* Planning for Succession:
Models for IT Leadership Development, June 23
* Change Leadership at General Growth Properties: A
Pathways Leadership Development Seminar, June 25
* Managing Change: Centralizing Your IT Organization
July 29
Apply today for a FREE subscription to CIO Magazine!
Feature
Spot-On Security Tips for Mac OS X Leopard
Mac OS X is generally unappealing to malicious hackers. But since its popularity is bound to attract notice from the bad guys, the new version of Apple's operating system sports several security features that users and IT departments should know about.December 14, 2007 — CIO — Now that the honeymoon stage with Mac OS X Leopard has passed, the nuances of its daily use are beginning to come to light. Kinks are getting worked out, companies are updating their Mac-compatible software and all kinds of new and useful features are being unearthed. In the past, Mac OS X has been derided for flawed security while at the same time being lauded as an unlikely target for hackers. Did the release of Leopard finally hit the sweet spot of better security without sacrificing functionality?
What is it about Mac OS X that makes it unappealing to hackers and other Internet interlopers? Nick Selby, senior analyst and director of enterprise security practice with The 451 Group, says it's simply that hackers tend to reach for the lowest-hanging fruit. Selby explains that hackers get the most bang for their buck by developing malicious code designed to infect the most likely combination of software in use today: Microsoft Windows XP or Vista running a version of Internet Explorer's Web browser. "That's where the action and the money are," says Selby. Other combinations—Mac OS X and the Safari browser, for example—just aren't as widely used and therefore are not worth a hacker's time to look for holes to exploit.
That doesn't mean, however, that Leopard users shouldn't take security precautions anyway. "Targeted attacks by motivated and skilled hackers are generally not stoppable," says Selby. "Best practices dictate regular patching, updates, firewalls, port blocking and scanning for activity on known botnet channels."
Ollie Whitehouse, architect with Symantec's Advanced Threat Reasearch Team, agrees. "It's fair to say Mac OS X has not been a significant target for attackers or malicious code authors to date. However, researchers have demonstrated that the potential for susceptibility to the same types of flaws which have plagued Microsoft Windows for so many years does exist to the same extent. We have also seen indications that malicious code authors are kicking the tires with at least one actual attempt through social engineering to get the user to install a Trojan.
"However due to smaller market share, Mac OS X has not been targeted in the same way as Windows. It's reasonable to expect this to change over time, as Apple's market share increases and Microsoft improves Windows security," adds Whitehouse.. Also, there are threats to data which affect all lost or stolen laptops and devices. Even though attackers may not be aggressively targeting Mac OS X, Whitehouse urges IT departments to take responsible steps to protect data while it's at rest, and also put systems and policies in place to ensure that any valuable data is backed up.
How Office 2007 Exposed Bill Gates
How Much Will an Office 2007 and Vista Migration Hurt?
How Operating Systems Create Network Efficiency
How the Network Operating System Impacts High-Performance Businesses
Myth of the Million Dollar Database
AISO grows its "green" business
The New "Black Art." Learn why few companies do DNS well. Why fewer can scale it.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
Enabling the Global Enterprise
Get a grip on your mobile workforce Webcast
Integration as a Service: Are you connected?
Windows Mobile Series: Improving Mobile Security and Management Webcast
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Lithuania: Attacks Focused on Hosting Company
Google Bows to Pressure, Adds 'Privacy' Link to Home Page
TSMC Says 2Q in Line Or Better After Major Customer Falls
Asustek to Offer Eee PC with Built-in 3G Wireless
Asustek's Latest Eee PCs Shipping in Asia in July
Lenovo Seeks Prestige in Price-Sensitive Market
Microsoft's Silverlight Draws Patent Suit
A Tale of Two City Wi-Fi's
Google Under Pressure As App Engine Requests Rise
Wall Street Beat: IT Slumps in First Half
How To Do Nearly Anything
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
