Security Slideshow: Flashback Trojan: What CIOs Need to Know About Mac OS X SecurityBy Don Reisinger | Posted 04-18-2012
There's been a longstanding myth that just because you're not running a Windows PC, you'll be safe from viruses and malware. In reality, that's just not the case. Regardless of whether it's a Mac, Windows PC, or iPhone, no one is ever safe. The sooner your users accept that, the better off you'll be.
Apple's response time to fully address the Flashback Trojan disappointed some critics. Within days of the March attack, a host of security vendors started rolling out free tools to detect and remove the malware. Apple didn't send out a patch until April 3, while its detection tool didn't appear until mid-April. CIOs need to know that Apple is willing and ready to rapidly safeguard its software.
Employees are Clueless
Although you and your IT team are staying up-to-date on all of the Flashback Trojan problems that might arise, your Mac-loving employees may not be aware of the dangers. It's up to you to educate them.
With Flashback, only those Mac users who had administrator access were affected by the outbreak. Those who didn't have administrator access couldn't install applications, thus limiting the fallout. Limiting administrator access is always a wise move.
One of the biggest mistakes any CIO can make with Mac OS X is to simply fire and forget. As with Windows, remaining diligent with updating Mac OS X and staying atop the latest security scuttlebutt is worth the time and trouble.
Apple's frequent updates of its Mac OS X can present logistical problems for enterprise IT, but it's actually a good idea in the Apple ecosystem. The latest OS always offers security enhancements, and as Flashback shows, you'll get better protection after an update is released. For example, users of the old Mac OS X Tiger are not able to access the patch offered to Snow Leopard and Lion users.