Home » Data Protection » Network Security

The Apple security survival guide

Attacks against the Mac are on the rise, and users need to know what they're up against to mount an effective defense. Here's a survival guide that will help.

By Bill Brenner, Managing Editor

October 12, 2011 — CSO —

Not much has been said about the security of Apple's products in the wake of Steve Jobs' passing. But there will be security issues to deal with in the land of Apple.

In fact, the danger has already arrived.

We're starting to see the security risks (just look at all the Mac vulnerabilities we've seen of late) but attackers are only getting warmed up, testing the defenses and seeing what kind of damage they can do.

With the iPhone and iPad so ubiquitous in work and at home, the bad guys now have all the reason in the world to make these devices their number-one target. It's going to happen, and you need to be prepared.

To that end, here's some content to get you up to speed.

Apple's Mac OS X NEVER had superior security
Some Apple fans won't like our story about Mac malware going from a game to something more serious. But scowling over the details won't make a painful reality go away. The reality being that -- contrary to popular opinion among Apple fans -- Macs have never been superior to Windows boxes from a security standpoint.

Mac malware goes from game to serious
A game theory paper written in 2007 predicted that Mac users would see more malware. Now, those predictions are coming true.

Apple Patches OS X for DigiNotar Threat
Apple rolled out an OS X patch to deal with the DigiNotar threat. DigiNotar will be removed from the list of trusted root certificates.

Customer Leaves Apple Store with Confidential Data
Time Machine backup of Apple Store's internal file server taken.

Recent events at Apple suggest genuine push for Mac security
When examined in their entirety, recent steps taken by Apple show a concerted effort by Apple to strengthen the security of its Macintosh computing platform.

The Apple way of (in)security
Tight hardware control and strict application policies reduce risk. So why doesn't everybody take Apple's approach to security?

Read more about network security in CSOonline's Network Security section.

Other stories by Bill Brenner

Print

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Editor's Picks

Inside online black markets

A security checklist for SaaS, IaaS and PaaS clouds

Security at the scene of the crime

7 great movies about social engineering

NETWORK SECURITY ESSENTIAL READING

Key concepts, strategies and tools for building an effective network security program. Learn about handling hackers, mitigating DDoS attacks, and much more.

Network security: The basics
Configure your network correctly, and know what's coming in and out. Network security proceeds from those two fundamental concepts.

Log management basics
Log management systems can bring you business intelligence—so choose the right type for your needs

Penetration testing: 10 tips for a successful program
Define your goals, develop attacker profiles, define deliverables, and more

The 7 deadly sins of network security
Thinking compliance equals security, failing to assess risk, and other classic blunders

What a botnet looks like
A visual, interactive tool for examining real botnet command-and-control structures

Next-generation firewalls: In depth

How to stress-test your network

The DDoS attack survival guide

Firewall audit tools: Dos and don'ts

Also find sample network security policies in CSO's tools, templates and policies library

Network Security Webcasts

The CISO's Survival Guide to Securing Data

Data Privacy and Protection in Production Environments: New Research from Ponemon Institute

FireEye Advanced Threat Protection KnowledgeVault

Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets

Moving Your Email to the Trusted Cloud

New PCI Tokenization Guidelines with QSA Expert

» View All Network Security Webcasts

Network Security White Papers

2011 DDoS Attacks: Top Trends and Truths

Business Case for Managed DNS

In Denial?...Follow Seven Steps for Better DoS and DDoS Protection

Obtaining Fortune 500 Security without Busting your Budget

The Security Landscape: Converging Waves of Pain

Bringing Your Internet Acceptable Use Policy up to 2012 Standards

» View All Network Security White Papers

#FFSec: Security pros to follow on Twitter, May 25
Follow these names on Twitter. Together, they make cyberspace a more secure place. (copy and paste)
read more

Step right up and listen to the security barker

Is the title 'security evangelist' really that bad?

More Salted Hash with Bill Brenner

White Papers

2011 DDoS Attacks: Top Trends and Truths

Business Case for Managed DNS

In Denial?...Follow Seven Steps for Better DoS and DDoS Protection

Obtaining Fortune 500 Security without Busting your Budget

The Security Landscape: Converging Waves of Pain

Bringing Your Internet Acceptable Use Policy up to 2012 Standards

Internet Filtering vs. User Activity Monitoring

The Business Case for Managed Security Services

Defending Against Advanced Persistent Threats

New Advances in Enterprise Authentication

Using BD for Smarter Decision Making

Solving Active Directory's Security Challenges

Less Secure Than You Think

Security Strategies to Virtualizing Internet-Facing Applications

Cloud Security Planning Guide

Cloud Security Vendor Round Table

Planning Guide - Technology for Tomorrow's Cloud

Cloud Security Insights for IT Strategic Planning

Proven strategies for uncovering cost savings with IBM DB2

Deliver Cost-Effective Business Continuity with Extreme Capacity

More White Papers »

Sponsored Links

Removing risk is our job. TransArmor by First Data. Get proof here.

Gartner Security & Risk Management Summit 2012. Register today.

Akamai Kona Security. Web security so you can innovate fearlessly

Removing risk is our job. TransArmor by First Data. Get proof here.

Removing risk is our job. TransArmor by First Data. Get proof here.

Webinar: A Practical Approach for Using DLP to Manage Risk to Information Assets

Splunk translates machine data into "aha" moments for IT and the business.

Cloud Readiness Starts with Intel® Technology

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Removing risk is our job. TransArmor by First Data. Get proof here.

Removing risk is our job. TransArmor by First Data. Get proof here.

The Apple security survival guide

Attacks against the Mac are on the rise, and users need to know what they're up against to mount an effective defense. Here's a survival guide that will help.

By Bill Brenner, Managing Editor

To continue reading, register here to become an Insider

It's FREE to join

Network security: The basics
Configure your network correctly, and know what's coming in and out. Network security proceeds from those two fundamental concepts.

Log management basics
Log management systems can bring you business intelligence—so choose the right type for your needs

Penetration testing: 10 tips for a successful program
Define your goals, develop attacker profiles, define deliverables, and more

The 7 deadly sins of network security
Thinking compliance equals security, failing to assess risk, and other classic blunders

What a botnet looks like
A visual, interactive tool for examining real botnet command-and-control structures

Next-generation firewalls: In depth

How to stress-test your network

The DDoS attack survival guide

Firewall audit tools: Dos and don'ts

The Apple security survival guide

Attacks against the Mac are on the rise, and users need to know what they're up against to mount an effective defense. Here's a survival guide that will help.

By Bill Brenner, Managing Editor

To continue reading, register here to become an Insider

It's FREE to join

Network security: The basics Configure your network correctly, and know what's coming in and out. Network security proceeds from those two fundamental concepts.

Log management basics Log management systems can bring you business intelligence—so choose the right type for your needs

Penetration testing: 10 tips for a successful program Define your goals, develop attacker profiles, define deliverables, and more

The 7 deadly sins of network security Thinking compliance equals security, failing to assess risk, and other classic blunders

What a botnet looks like A visual, interactive tool for examining real botnet command-and-control structures

Next-generation firewalls: In depth

How to stress-test your network

The DDoS attack survival guide

Firewall audit tools: Dos and don'ts

Network security: The basics
Configure your network correctly, and know what's coming in and out. Network security proceeds from those two fundamental concepts.

Log management basics
Log management systems can bring you business intelligence—so choose the right type for your needs

Penetration testing: 10 tips for a successful program
Define your goals, develop attacker profiles, define deliverables, and more

The 7 deadly sins of network security
Thinking compliance equals security, failing to assess risk, and other classic blunders

What a botnet looks like
A visual, interactive tool for examining real botnet command-and-control structures