With the number of Flashback-infected Macs dwindling more each day and Apple’s release of software updates that can both clean an infected Mac and prevent infection or reinfection, it’s easy for IT departments and individual Mac users to think that the crisis has passed. That doesn’t mean that it’s time to forget about the issue of malware targeting Macs, however. In fact, the entire event has been a wakeup call to IT and security professionals as well as to the wider Mac community – Macs are not invincible.
When reflecting on the Flashback events of the past couple of weeks, there are five major themes or lessons for businesses and IT department to consider when it comes to supporting Macs going forward.
- Mac malware issues are out there, but they still pale in comparison to Windows security issues – The biggest point to consider is that Macs will be targeted by malware creators more and more as the platform gains more traction with consumers and businesses. A strategy for handling future Mac malware events needs to be in place before the another one occurs (and who knows when that might be). However, the number of malware threats still pales dramatically compared to the threats facing Windows PCs. In fact, the speed at which this threat has been largely neutralized is astounding compared to some Windows threats.
- Macs do need malware protection and it needs to be centrally managed – Almost all IT shops rely on security software that’s centrally managed and include antivirus and malware protection. A centrally managed system ensures that IT is alerted to infections and can deal with them effectively – either remotely using the central management console or in person at the infected machine. Not only should every Mac in a company be running solid anti-virus/anti-malware software, it should also be centrally managed so that any Mac-specific threats are detected and dealt with as quickly as possible.
- The best choice of Mac antivirus software may not always be the same as the optimal Windows choice – One important point that’s easy to overlook about the Flashback series of events is that the major enterprise and Windows-oriented security and anti-virus vendors weren’t the first companies to respond to the threat. Intego, which specializes in Mac security solutions, had already identified the threat before Flashback became a major story. This is an important point. Intego had a leg up on other companies. While the Flashback threat wasn’t as damaging as some malware out there, the next major Mac threat might be something much more dangerous. For that reason, it’s worth taking a hard look at Mac protection options rather than simply going with the same vendor that provides Windows protection.
- Companies need to invest in the knowledge about how to secure Macs beyond just using the default options in OS – In many companies, particularly small to mid-size businesses with a limited umber of Macs, technicians and systems administrators may not have significant training or knowledge of how to lock down and harden Mac systems. That lack of knowledge and an assumption that OS X’s default security preferences should be secure enough may be a disaster waiting to happen in many cases. If a company is investing in Mac systems, it needs to also invest in the training and resources to effectively secure and troubleshoot them.
- Companies need to ensure BYOD Macs are protected – Although the BYOD movement has focused more on iPhones, iPads, and other mobile devices, a number of companies do support Macs as part of a BYOD mix. Every company has or is considering adding Macs to the BYOD mix needs to examine how to protect those Macs and secure them – both for the sake of their owners and the safety of the company as a whole.
Ultimately, the Flashback scare was fairly minor, but it does raise very serious issues about how Macs are (or aren’t) secured and protected properly in the workplace.