Security 2007: Issues to Be Aware Of: Page 2
What's different about OS X? This past year was a major one for my small business, as I switched from a Linux desktop to an Apple OS X desktop. Truth be told, I never had much respect for Macs (and that's an understatement), but then Mr. Jobs came along and put BSD UNIX under the hood and my attitude shifted. I've been using various UNIXes since the early 1980s and have always just felt at home there.
I also feel more secure, but what really makes them different than Microsoft's offerings from a security perspective? I'm going to explore this question more in my columns this year, but I have a few preliminary thoughts: 1) Applications are in the /Applications folder, to which my desktop user has no write access; 2) user application data, options, settings, etc., are stored in each user's home directory; and 3) my desktop user has no system privileges (though that wasn't an Apple default!).
I know these are nothing new; mainframe folks have known about this stuff for decades. They've taken the Redmond crowd a long time to catch on to, however. Try logging into a default XP desktop user sometime and deleting all the files in, say, Program Files or Windows just for fun, and see what happens. (No, don't really do this!) Indeed, I still have numerous applications loaded on my old XP laptop that require write access to Windows to store configuration settings and such. How can you ever hope to be secure in such an environment?
Email: Guilty Until Proven Otherwise
Delete emails with wanton abandon. Between the rise in spam emails and phishing attacks, which often go hand in hand, it's time to switch to a whitelist approach when handling emails. That is, much like setting firewall rules, we have to assume everything to be deadly dangerous until we prove it to be safe, not the other way around. When I go through my inbox each day, I look through the senders and subject lines for people that I know and subjects that mean something in the context that I expect; all else gets deleted. Seriously. No previews. No clicking on emails that might be interesting. Sorry. There's a serious risk that I'll miss something that I shouldn't have, but that's the cost of doing safe email in 2007.
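The default-deny triage described above can be written down as a filter. This is an added example, not code from the column: the sender addresses, subject keywords and sample messages are all constructed, and a message is kept only when both the sender address and the subject match.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed allowlist (assumption): people I know, subjects I expect.
KNOWN_SENDERS = {"alice@example.com", "editor@example.org"}
EXPECTED_WORDS = {"invoice", "column", "deadline"}

# Constructed sample messages, headers only; bodies are never opened.
SAMPLES = {
    "known": "From: Alice Smith <alice@example.com>\n"
             "Subject: Column deadline moved\n\nbody",
    "spoofed_name": "From: Alice Smith <billing@unknown.example>\n"
                    "Subject: Invoice attached\n\nbody",
    "known_odd_subject": "From: alice@example.com\n"
                         "Subject: You won a prize\n\nbody",
    "no_from": "Subject: invoice\n\nbody",
}


def triage(raw: str) -> str:
    """Return 'keep' only if sender AND subject are expected, else 'delete'."""
    msg = message_from_string(raw)
    from_headers = msg.get_all("From") or []
    # Zero or several From headers is ambiguous: default deny.
    if len(from_headers) != 1:
        return "delete"
    # Match on the address, never on the display name, which anyone can set.
    # The From header itself is unauthenticated; this models the manual
    # inbox pass only and is not a substitute for sender authentication.
    _display_name, address = parseaddr(from_headers[0])
    if address.lower() not in KNOWN_SENDERS:
        return "delete"
    subject = str(msg.get("Subject") or "").lower()
    if not set(re.findall(r"[a-z]+", subject)) & EXPECTED_WORDS:
        return "delete"
    return "keep"


def triage_inbox(samples: dict) -> dict:
    """Apply triage() to every message and return the decision per label."""
    return {label: triage(raw) for label, raw in samples.items()}


if __name__ == "__main__":
    for label, decision in triage_inbox(SAMPLES).items():
        print(f"{label}: {decision}")
```

The "spoofed_name" sample shows why the comparison uses the parsed address: a familiar display name on an unknown address is still deleted.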
So that's my little list of things to consider as we look forward to 2007 and all that it holds in store for us. Apart from anything else, we've got to realize that the for-profit attacks have upped the ante on us and we simply must find ways of doing our work better.