Five Major Lessons IT Needs To Learn From The Flashback Fiasco

Five Major Lessons IT Needs To Learn From The Flashback Fiasco

Flashback threat may be fading, but companies shouldn't get complacent about Mac malware

With the number of Flashback-infected Macs dwindling more each day and Apple’s release of software updates that can both clean an infected Mac and prevent infection or reinfection, it’s easy for IT departments and individual Mac users to think that the crisis has passed. That doesn’t mean that it’s time to forget about the issue of malware targeting Macs, however. In fact, the entire event has been a wakeup call to IT and security professionals as well as to the wider Mac community – Macs are not invincible.

When reflecting on the Flashback events of the past couple of weeks, there are five major themes or lessons for businesses and IT department to consider when it comes to supporting Macs going forward.

  • Mac malware issues are out there, but they still pale in comparison to Windows security issues – The biggest point to consider is that Macs will be targeted by malware creators more and more as the platform gains more traction with consumers and businesses. A strategy for handling future Mac malware events needs to be in place before the another one occurs (and who knows when that might be). However, the number of malware threats still pales dramatically compared to the threats facing Windows PCs. In fact, the speed at which this threat has been largely neutralized is astounding compared to some Windows threats.
  • Macs do need malware protection and it needs to be centrally managed – Almost all IT shops rely on security software that’s centrally managed and include antivirus and malware protection. A centrally managed system ensures that IT is alerted to infections and can deal with them effectively – either remotely using the central management console or in person at the infected machine. Not only should every Mac in a company be running solid anti-virus/anti-malware software, it should also be centrally managed so that any Mac-specific threats are detected and dealt with as quickly as possible.
  • The best choice of Mac antivirus software may not always be the same as the optimal Windows choice – One important point that’s easy to overlook about the Flashback series of events is that the major enterprise and Windows-oriented security and anti-virus vendors weren’t the first companies to respond to the threat. Intego, which specializes in Mac security solutions, had already identified the threat before Flashback became a major story. This is an important point. Intego had a leg up on other companies. While the Flashback threat wasn’t as damaging as some malware out there, the next major Mac threat might be something much more dangerous. For that reason, it’s worth taking a hard look at Mac protection options rather than simply going with the same vendor that provides Windows protection.
  • Companies need to invest in the knowledge about how to secure Macs beyond just using the default options in OS – In many companies, particularly small to mid-size businesses with a limited umber of Macs, technicians and systems administrators may not have significant training or knowledge of how to lock down and harden Mac systems. That lack of knowledge and an assumption that OS X’s default security preferences should be secure enough may be a disaster waiting to happen in many cases. If a company is investing in Mac systems, it needs to also invest in the training and resources to effectively secure and troubleshoot them.
  • Companies need to ensure BYOD Macs are protected – Although the BYOD movement has focused more on iPhones, iPads, and other mobile devices, a number of companies do support Macs as part of a BYOD mix. Every company has or is considering adding Macs to the BYOD mix needs to examine how to protect those Macs and secure them – both for the sake of their owners and the safety of the company as a whole.

Ultimately, the Flashback scare was fairly minor, but it does raise very serious issues about how Macs are (or aren’t) secured and protected properly in the workplace.

Related
  • David Morón

    Reading this statement “Mac malware issues are out there” on cultofmac.com tells me Steve Jobs’ distortion field is fading.

  • mr_bee

    I disagree with the whole premise of this article. The only thing IT departments need to learn is that Java is a mostly useless product that is actually an attack vector and should be weeded out of all online systems and networks.

    If you turn off Java on your Mac, you are almost impervious to anything, but foolish IT “professionals” insist on filling up the enterprise with Java making it impossible for anyone but the home user to turn it off. There are ample solutions for almost any problem that don’t require an ancient cross-platform, insecure nightmare like Java.

  • Nate

    If you turn off Java on your Mac, you are almost impervious to anything.

    What do you mean by “almost” and how long do you think that will last? (Serious questions… I do much agree with your post)

    Reading up on Java security issues is quite an eye-opener. What is your opinion of Java’s distant cousin-by-marriage, JavaScript? I’m quite the novice when it comes to all this class-based vs. prototype-base programing language stuff but aren’t there some shared inherent weaknesses in the platforms given their functional overlap? When easier targets like Java are history, won’t the bad guys just move on to stuff like JavaScript and who knows what else?

    These “drive-by” class attacks are worrisome and I’m not as confident in the “imperviousness” of our current OS designs to meet this challenge.

  • gavernmusic

    I would never install 3rd party anti-virus supposed protection on a mac, my mac or any mac. I have never had a virus or Trojan ever (thankfully). I don’t pretend to know expertly about these issues but I’d say from what I know so far, it seems that “third party anything protection” seems to be opening yourself up to trouble. Think about why viruses are created in the first place, and the majority of the reasons thereof, and you should come to a conclusion. I’ll leave the protection and security protection issues up to Apple, and their personal software updates for now, as this seems to work best.

  • imajoebob

    Same old song: The only Mac “malware” out there is IdiotWare. The best thing for IT is to make it impossible for Mac users to install or update any software, just like they did long ago when idiot Windows users used to download and link to every pretty click on their screen. The only real difference is that Mac users have to intentionally authorize the trojans.

    Which I guess proves an old Axiom; Steve Jobs tried to make OS X idiot proof, so the world went out and built a bigger idiot.

About the author

Ryan FaasRyan Faas is a technology journalist and consultant living in upstate New York who has written extensively about Apple, business and enterprise IT, and the mobile industry. In addition to writing for Cult of Mac, he is a contributor to Computerworld, InformIT, and Peachpit Press. In a previous existence he was a healthcare IT director as well as a systems and network administrator. Follow Ryan on Twitter and Google +

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , , , , , , , , |