Secrecy Matters

By Don Reisinger  |  Posted 2009-06-29

How Secure Is Apple's Snow Leopard for the Enterprise?

When it comes to the enterprise, security is a constant concern. Most companies have mission-critical data loaded onto employee notebooks walking out the door on a daily basis. At the office, malicious hackers are constantly trying to find ways to break into the network to access that data, steal information or just wreak havoc. The IT manager needs to consider this, find the best security software, and constantly worry themselves about the safety and security of their co-workers. It's a tough job.

With the help of the right operating system, companies can be more prepared to confront the dangers of the Web and take on any issues that might arise. It won't be easy -- no operating system is absolutely secure -- but some are better than others.

And that's where Snow Leopard comes in. The upcoming release of Apple's latest operating system has Apple fans excited. The company promises big things for the operating system, including new features, 64-bit architecture, faster response times and even better security. Apple claims its latest operating system is not only more secure than Windows, its new features ensure users both on the consumer side and in the enterprise will be kept safe.

But is that true? Will Snow Leopard really provide the kind of secure experience that's expected of an operating system in the enterprise? Can it stand up to Microsoft and Windows 7?

Let's take a look.

Size matters

Apple and its supporters are quick to cite Microsoft's security problems. They say Microsoft has failed to provide the kind of security it should for both the enterprise and consumers. It's tough to argue with the logic. Windows has been impacted by a slew of security issues since its inception and many have turned into real problems for the enterprise. Undoubtedly, that would mean that the business world should stop using Windows and move to Mac OS X, right? Think again.

The truth is, we just don't know how secure Mac OS X really is. Malicious hackers and malware authors engage in their illegal activity for one reason - money. And if they want to make some money, the best way to go about it is targeting the operating system with the most users. Considering Windows easily eclipses every other operating system in the space, more attackers are targeting Windows than Mac OS X. It's simple economics. 

So, to say that Mac OS X is more secure is a bit of a red herring. It hasn't confronted real issues the way Windows has. And considering Apple was forced to update its operating system with 67 patches in May, it's not beyond the scope of reason to think there might be some issues behind the scenes that are having a real impact on Mac OS X.

Secrecy Matters

Apple might enjoy railing against Microsoft for its Windows security problems, but the company's emphasis on secrecy and covering up security problems will come back to haunt it. On Apple's Website, there's just one page detailing Snow Leopard's security. On that page, the company says Snow Leopard will "screen" the files you "download using Safari, Mail and iChat." The operating system then analyzes digital signatures to ensure it hasn't been changed since it was added to the hard drive. Great. But what about all the other applications you download? What application will screen those?

I'm also a little concerned by Apple's contention that "with virtually no effort on your part, Mac OS X offers a multilayered system of defenses against viruses and other dangerous malware."

Anyone who has been forced to deal with security issues in the enterprise will tell you that whenever a company says it will offer a "fire and forget" security solution, it's a nightmare. Apple went on to detail its intention of using sandboxing in Snow Leopard to restrict programs from accessing particular files. It also has library randomization and execute disable to protect the Mac's memory. Other than that, Apple stayed relatively mum on its Website about Snow Leopard's security.

False sense of security?

And perhaps that's why I have such a problem with Snow Leopard. On its own Website, Apple details some security features that, to be quite honest, are already built into Windows 7. It makes no mention of vulnerabilities that have affected the operating system in the past. It doesn't discuss how it will consistently keep enterprise users safe. And worst of all, it makes them feel like they have nothing to worry about. I disagree.

Mac OS X Snow Leopard will be the most tested Apple operating system yet. Before the release of Mac OS X Tiger, the idea of even discussing Mac security was ludicrous. But after that operating system was released, Apple has been tested more than ever. And thanks to more market share and the creation of that false sense of security, malicious hackers are taking notice. They can capitalize on that.  And based on what I see from Apple, its operating system might not be prepared.

The bottom line

Is Mac OS X Snow Leopard really ready for the enterprise? Probably not. Security is not a single-front war. IT managers need multiple layers of security to ensure mission-critical data is kept safe. And although Apple claims it can provide that security, most third-party security applications simply aren't compatible with Mac OS X. That means companies will need to entrust Apple, a company that has yet to face too many security obstacles, with the safety of their networks. It's a tough sell.

Although Windows is rife with issues, it's getting better. And the promise of Windows 7 means it will be the most secure version of the operating system yet. Combine that with a slew of security packages that help maintain the security of the network, and it's tough to see how Mac OS X can compete.

Rocket Fuel