Corporate IT staff had better prepare for a headache as the number of Apple Macs in the enterprise grows.
Over the past two years or so, users have increasingly brought the Mac into the enterprise.
However, IT staff are not prepared to deal with Apple (NASDAQ: AAPL) Macs, either from a management or a security perspective, as the overwhelming majority of desktops in the enterprise are Microsoft (NASDAQ: MSFT) Windows boxes.
Now, they will have to change. “IT will now have to address a universal security policy instead of a Windows security policy,” Lumension Security’s Director of Solutions and Strategy Don Leatham told InternetNews.com.
Where previously Chief Security Officers only had to worry about Windows desktops when putting together enterprise security policies, now they “have to include Mac and Linux desktops, USB devices, iPods, iPhones and other personal smartphones and smart PDAs (define) that are actually small laptops,” Leatham said.
Hackers will also begin turning their attention toward the Mac. The Mac has benefited from the concept of security through obscurity, Leatham said, explaining that hackers target the most widely-used operating systems for maximum effectiveness and that Windows’ predominance made it the prime target.
“It’s a numbers game, just like marketing,” he explained.
Now, Macs are becoming more attractive as they are beginning to “sit in privileged access locations in corporations, and are not just for personal use,” Qualys Chief Technology Officer Wolfgang Kandek told InternetNews.com.
Security professionals themselves are part of the problem, Jack Phillips, co-founder and managing partner of security research firm Institute for Applied Network Security (IANS), told InternetNews.com.
“More and more IT people and security teams are going for the Mac for personal use because they see it as a more secure platform than Windows,” Phillips said.
At IANS’ last forum, held in Dallas over two days in June, “Ten to 15 percent of the users had Mac laptops, the most we’ve ever seen in the seven years we’ve held these forums,” Phillips said.
The Mac operating system is based on Unix, so there won’t be too many kernel-level hacks or problems at the low end of the operating system, but the “newer, higher levels” of the Mac operating system “probably still need to be tested” to see how many vulnerabilities exist in them, Leatham said.
Also, while the Mac will come under heavier attack now, it still lacks some applications that create security holes. “There are some things like Outlook on the Windows side that aren’t even available on the Mac,” Bob O’Donnell, program vice president in IDC’s clients and displays program, told InternetNews.com.
There are very, very few Macs in the enterprise, O’Donnell said, although the numbers are growing, so “enterprise IT isn’t sure what to do with Macs.”
here are security and system tools in the market that work on Windows and Macs which will help IT manage Macs in the enterprise. Lumension offers Patchlink Scan, a vulnerability scanner, and Patchlink Update, a remediation tool, both of which work on Windows, the Mac, Linux and Unix.
Qualys offers QualysGuard, which conducts security evaluations through the network to find and identify nodes on it. This works with the Mac and “helps IT departments enforce security with the same functionality you have in Windows,” Kandek said.