Remember when Apple Store reps (like me) used to say Macs were virus free back in the early 2000s?


Badge

I used to work at an Apple Store and had a bad habit of telling people that Macs didn’t have virus problems. Now Apple is admitting there’s too much malware on macOS. Are you treating your orgs Macs any differently than you used to in the early-mid 2000s?


11 replies

Userlevel 3
Badge +2

Chromebooks are the new Macbooks then 😛



Open Thread in Slack
Userlevel 2
Badge +2

That was definitely the standard around Apple Stores in the 00's. I personally always ran something like Malwarebytes regardless, but Macs should be treated and protected the same as any other device.



Open Thread in Slack
Badge +2

We use Google Workspace Context Aware Access to only allow access to our data on an OS that still receives security updates, so old versions of MacOS are blocked.



Open Thread in Slack
Userlevel 1
Badge +2

We used Context aware at the DNC, but that didn't seem like enough since we had to put people into exemption OU's when their computers were our for repair or they were contractors who didn't use our devices.



Open Thread in Slack
Userlevel 1
Badge +2

So we implemented Cisco Amp for our Macs and that is what we are using at my current company as well.



Open Thread in Slack
Userlevel 1
Badge +2

We used Context aware at the DNC, but that didn't seem like enough since we had to put people into exemption OU's when their computers were our for repair or they were contractors who didn't use our devices.



Open Thread in Slack
Badge +1

We have security requirements that are the same on our Windows computers as our Macs. We now use Crowdstrike Falcon for most of our infosec story.



Open Thread in Slack
Badge +2

@colleen.alaimo yeah dealing with broken devices is a problem with CCA especially when everyone remote.



Open Thread in Slack
Userlevel 1
Badge +2

Absolutely.



Open Thread in Slack
Userlevel 1
Badge +2

We also had a procedure for approving personal mobile devices, we'd get an email from Google saying that a device wanted to connect, we'd reach out to the person to get on a meet or Zoom and have them show us their ID and proof that they were on the latest OS. Only after that did we approve them



Open Thread in Slack
Userlevel 2
Badge +2

Implementing Beyond Identity has been fruitful (pun intended) for our Apple devices as well. If you want access to data behind Okta, it must meet certain requirements (OS version, specific security software installed, FDE enabled) etc.



Open Thread in Slack

Reply