Mac Security Configuration Guide
Apple has released the Security Configuration Guide for OS X V10.5 Leopard for both the client and the server. These are must read documents if you are on an enterprise, or even just a casual user, with an Apple Mac OS X computer.
# CIS_MacOSX_10.5_Benchmark_v1.0.pdf - The Mac OS X 10.5 Leopard Level 1 & 2 Benchmark Version 1.0 document containing detailed instructions for implementing the steps necessary for CIS Level-I & 2 security on Mac OS X 10.5 (Leopard).
With Apple computers ending up in the enterprise, it is time for everyone to stop and take a look at the way the enterprise needs to secure them, and bring them into the fold. Apple's have an aura of not being hackable, which is not necessarily the case, Malware can exist on all systems. As administrators and security engineers interact more with Apple computers, it is always a good idea to bring them under the compliance rules of the company, bring in AV and Anti-spyware scanners, as well as the simple configuration items that can reduce the hackable surface of any computing system.
# CIS_OSX_10.4_Benchmark_v2.0.pdf - The Mac OS X Tiger Benchmark Version 2.0 document containing detailed instructions for implementing the steps necessary for CIS Level-I security on Mac OS X 10.4 (Tiger).
Source: CIS Security
Apple has also released their version of the security and hardening configurations as well, which is what CIS Security is using. Time to start working out a process to harden those Mac computers that are on the network, these will definitely help out in those cases.
You can down load the level 1 bench mark here which is a basic security configuration.
You can download the server security configuration here.
View All Articles by Dan Morrill
Our Daily Email of Breaking eBusiness News
About the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.
WebProNews RSS Feed
More Expert Articles Articles