They absolutely exist in Windows! Same for any OS, really... It's just because most WIN sysadmins are aware of security issues. MS at least offers anti-malware now, and they do the automatic updates. Adobe (which I consider to be one of the biggest security risks) is also doing auto-updating of its products (provided the *&$# users actually apply the offered updates!).
I have had more than one Mac user say, "I never need to worry about security because I have a Mac!". Right... Actually, with that attitude, someone thousands of miles away _really_ has your Mac! "John Aldrich" <[email protected]> wrote on 09/07/2010 02:35:50 PM: > I see your point, however, most of those same issues exist in > Windows?at least theoretically, one could plant a ?time bomb? > waiting for elevated rights in Win7, by your argument. J > Based on my limited experience with Vista and Windows 7, Microsoft > finally got the security model right (they co-opted the *nix > security model, it would seem) but the amount of Windows machines in > the world make it a much more tempting target, so it could be argued > that Macs (and other unix-based PCs) are still more secure than Windows. J > > [image removed] [image removed] > > From: [email protected] [mailto:[email protected]] > Sent: Tuesday, September 07, 2010 3:25 PM > To: NT System Admin Issues > Subject: RE: Mac and Windows mix > > > Two Mac issues: > > 1. Currently, it is a smaller "target" for hackers. > > 2. Typically, a Mac user has no elevated rights. SO, most malware > would run as a "least rights" user and go nowhere. (This too is a > unix security feature.) > > OTOH, I believe Macs read PDF files. These are insecure all by > themselves. Throw in the breaks found in Safari, iTunes, QuickTime, > etc, and one can suspect time bombs can be planted which can go off > when someone needs to elevate "themselves" to run configuration > tasks, install software, etc. > > "John Aldrich" <[email protected]> wrote on 09/07/2010 02:15:16 PM: > > > Not to start a flame war or anything, but I was under the impression > > that Mac OS/X was significantly *more* secure than a comparable > > Windows machine, due to the *nix security model? Asking for > > information here, trying to learn, not trying to start a Mac Vs. > > Windows thread (there are enough of those, that I don?t need to > > start one! <G>) > > > > [image removed] [image removed] > > > > From: Holstrom, Don [mailto:[email protected]] > > Sent: Tuesday, September 07, 2010 2:57 PM > > To: NT System Admin Issues > > Subject: RE: Mac and Windows mix > > > > We have about a dozen Macs here at the Museum. I give them each dual > > monitor set-ups, with Parallels and Windows with Microsoft Office so > > they can Outlook to their e-mail. So far, Mac doesn?t really have a > > good Rendezvous/Outlook set-up, although OWA is very good and > > getting better. As I stroll by, I see that each Mac user keeps > > Office up on one monitor, so that Outlook is always open. Each of > > the Macs can already connect to our PC servers where they keep all > > their files. I give Remote Desktop access to those who either PC or > > Mac from the outside. > > > > Way too many security openings for Macs, this would not be good with > > a very secure network? > > > > From: Jeff Steward [mailto:[email protected]] > > Sent: Tuesday, September 07, 2010 2:34 PM > > To: NT System Admin Issues > > Subject: Re: Mac and Windows mix > > > > Don't knock yourself out here Matt, I'm just curious how one manages > > these issues in a mixed environment. I have one Mac user who works > > part time so we set him up with a Remote Desktop client and he works > > in a Terminal Server session. > > > > Regards, > > > > Jeff Steward > > On Tue, Sep 7, 2010 at 2:26 PM, Matthew W. Ross <[email protected] > > > wrote: > > Apple Remote Desktop is more akin to the Windows Management MMC, MS > > Remote Desktop and the SysInternals Power Tools rolled into one > > package. Open Directory is more akin to Group Policy. > > > > I will see what I can find out about those regulations. > > > > --Matt Ross > > Ephrata School District > > > > On Sep 7, 2010, at 11:21 AM, "Jeff Steward" <[email protected]> wrote: > > HIPAA > > SOX > > MA 201 CMR 17.00 > > > > To varying degrees they all boil down to: > > > > We define a security policy that meets the regulatory requirements > > and base configurations to meet that policy and then report > > regularly on performance to standards. I see from one of your > > follow-up posts that Apple Remote Desktop is akin to Group Policy. > > > > -Jeff Steward > > On Tue, Sep 7, 2010 at 1:31 PM, Matthew W. Ross <[email protected] > > > wrote: > > Can you be more specific? What standards are you needing to be > > compliant to? An example regulation would help me answer your question. > > > > --Matt Ross > > Ephrata School District > > > > On Sep 7, 2010, at 10:26 AM, "Jeff Steward" <[email protected]> wrote: > > A school environment is not the same as a public company > > environment. Compliance to <insert your favorite standard here> and > > reporting on said compliance or non-trivial issues for public > > companies or private companies subject to other regulations. There > > are a wealth of tools for managing these issues in a Windows > > environment, can the same be said of the Mac environment? > > > > -Jeff Steward > > On Tue, Sep 7, 2010 at 12:53 PM, Matthew W. Ross <[email protected] > > > wrote: > > Macs are not the burden you make them sound to be. > > > > Integrating a Mac into a windows network is never going to be > > painless; the two systems are inherently different. If what you want > > is a Windows experience from your Mac, install Windows. > > > > Now not everybody likes MacOS X, but the same can be said for > > Windows. Insert the problem of subjective preference here. > > > > Personally, I love working on my iMac, and managing the other Macs > > in our district is very easy if you use the provided Apple tools: > > Mac OS X server, Open Directory, and Apple Remote Desktop. > > > > Then again, I hate how a Mac _can_ cost 2x as much as a comparable > > PC. I do like that software upgrades are cheaper for Mac, but I > > don't like how apple drops support for anything that is not the > > current generation or the previous one. If you're 2 generations > > back, you're out of luck. > > > > What can a Mac do that a PC Can't? Nothing. But I would argue that > > competition is one of the pillars of innovation. Without Mac OS X > > competing against Windows, what would Windows look like today? > > > > > > --Matt Ross > > Ephrata School District > > > > > > ----- Original Message ----- > > From: James Hill > > [mailto:[email protected]] > > To: NT System Admin Issues > > [mailto:[email protected]] > > Sent: Sun, 05 Sep 2010 > > 19:28:49 -0700 > > Subject: RE: Mac and Windows mix > > > > > > > We have pretty much eliminated all of the Mac's here. > > > > > > We didn't have 3rd party products to manage them so they always > required so > > > much manual interaction. Any global change we made we could > easily automate > > > with PC's thanks to group policy etc but it was always a manual change for > > > the Mac's. > > > > > > They really aren't a corporate product imo. You only have to > look to Apple > > > for a corporate grade management solution to realise that it > doesn't exist. > > > > > > They do indeed need patching (http://support.apple.com/kb/HT1222 > ) and there > > > is AV products for them. Symantec has one for example. > Personally I think > > > the day is coming when someone will write a decent bit of > malware/virus for > > > them and 99% plus will get caught out by it. There is a very misguided > > > opinion amongst the Apple community that they are safe. Apple's false > > > advertising only strengthens this. The facts are that Mac's are more > > > vulnerable than the PC world http://www.crn.com/security/226200083 > > > > > > More importantly, what is the need for the Mac's in the first > place? For us > > > they were only sued for Adobe CS, which runs just fine on PC's. In fact > > > these days Adobe is more behind the PC world than the Mac. For example, > > > 64bit Photoshop was first on PC, had to wait for CS5 for Mac to get it. > > > That's without going into the Flash debate :) > > > > > > > > > > > > > > > > > > From: David Lum [mailto:[email protected]] > > > Sent: Saturday, 4 September 2010 6:07 AM > > > To: NT System Admin Issues > > > Subject: Mac and Windows mix > > > > > > I would like to hear from those of you who have a mixed Windows/Mac > > > environments: How do you handle management of the diverse environment? > > > Presumably with Mac's there is no patching or AV. Can you use > GPO's on them > > > in any fashion (wondering if there's some add-in to allow equivalency). > > > David Lum // SYSTEMS ENGINEER > > > NORTHWEST EVALUATION ASSOCIATION > > > (Desk) 971.222.1025 // (Cell) 503.267.9764 > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > --- > > > To manage subscriptions click here: > > > http://lyris.sunbelt-software.com/read/my_forums/ > > > or send an email to > > > [email protected]<mailto:listmana...@lyris. > > sunbeltsoftware.com> > > > with the body: unsubscribe ntsysadmin > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > --- > > > To manage subscriptions click here: > > > http://lyris.sunbelt-software.com/read/my_forums/ > > > or send an email to [email protected] > > > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: http://lyris.sunbelt-software. > > com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt-software. > com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt-software. > com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
