Corporate IT staff had better prepare for a headache as the number of Apple Macs in the enterprise grows.
Over the past two years or so, users have increasingly brought the Mac into the enterprise.
However, IT staff are not prepared to deal with Apple (NASDAQ: AAPL) Macs, either from a management or a security perspective, as the overwhelming majority of desktops in the enterprise are Microsoft (NASDAQ: MSFT) Windows boxes.
Now, they will have to change. “IT will now have to address a universal security policy instead of a Windows security policy,” Don Leatham, Lumension Security’s director of solutions and strategy, told InternetNews.com.
Where previously chief security officers only had to worry about Windows desktops when putting together enterprise security policies, now they “have to include Mac and Linux desktops, USB devices, iPods, iPhones and other personal smartphones and smart PDAs
Hackers will also begin turning their attention toward the Mac. The Mac has benefited from the concept of security through obscurity, Leatham said, explaining that hackers target the most widely used operating systems for maximum effectiveness and that Windows’ predominance made it the prime target.
“It’s a numbers game, just like marketing,” he explained.
Now, Macs are becoming more attractive as they are beginning to “sit in privileged access locations in corporations and are not just for personal use,” Wolfgang Kandek, Qualys chief technology officer, told InternetNews.com.
Security professionals themselves are part of the problem, Jack Phillips, co-founder and managing partner of security research firm Institute for Applied Network Security (IANS), told InternetNews.com.
“More and more IT people and security teams are going for the Mac for personal use because they see it as a more secure platform than Windows,” Phillips said.
At IANS’ last forum, held in Dallas over two days in June, “Ten to 15 percent of the users had Mac laptops, the most we’ve ever seen in the seven years we’ve held these forums,” Phillips said.
The Mac operating system is based on Unix, so there won’t be too many kernel-level hacks or problems at the low end of the operating system, but the “newer, higher levels” of the Mac operating system “probably still need to be tested” to see how many vulnerabilities exist in them, Leatham said.
Also, while the Mac will come under heavier attack now, it still lacks some applications that create security holes. “There are some things like Outlook on the Windows side that aren’t even available on the Mac,” Bob O’Donnell, program vice president in IDC’s clients and displays program, told InternetNews.com.
There are very, very few Macs in the enterprise, O’Donnell said, although the numbers are growing, so “enterprise IT isn’t sure what to do with Macs.”
There are security and system tools in the market that work on Windows and Macs which will help IT manage Macs in the enterprise. Lumension offers Patchlink Scan, a vulnerability scanner, and Patchlink Update, a remediation tool, both of which work on Windows, the Mac, Linux and Unix.
Qualys offers QualysGuard, which conducts security evaluations through the network to find and identify nodes on it. This works with the Mac and “helps IT departments enforce security with the same functionality you have in Windows,” Kandek said.
What happened, and where things are going
Macs are gaining ground in the enterprise because there’s “a perfect storm of consumer convergence,” Leatham said.
“There’s the iPhone and iPod, Web 2.0, Internet messaging, Twitter, all sorts of different vehicles which are to a certain degree valid mechanisms to do business, especially by the younger generation, and 20-year-olds who see Macs as tools, not as toys,” he explained.
The Mac’s penetration of the enterprise is being helped by Windows Vista’s unattractiveness to corporations.
“The relatively slow enterprise adoption of Vista due to its graphics requirements and application compatibility issues makes the Mac all the more attractive because it’s being compared to Windows XP, a pretty old system design,” Peter Christy, analyst for Internet Research Group, told InternetNews.com.
The user-driven adoption of Macs in the enterprise is not going to last, IANS’ Phillips said.
“Personal preferences will peak for now, but ultimately IT’s insistence on a PC or Windows environment will win out,” he said.
In the short term, enterprises will turn to vendors and ask for help, but “ultimately, management will tell users that they must abide by corporate policies, not personal policies, when they come to work.”