18 Nov 2010
While Apple has established a dominant position in the consumer electronics market, enterprise buyers have proven a harder nut to crack. But there are signs that the number of Macs within the enterprise are increasing - albeit from a low base. That could be bad news for security chiefs.
According to figures from analyst group IDC, for Apple's most recent financial quarter, corporate sales accounted for about 3.5 per cent of all customers for its MacBook and iMac computers.
That may be a drop in the ocean for the Cupertino-based technology titan, given the stellar sales of its tablets and smartphones. But it's also indicative of how the corporate landscape is changing.
A recent survey of systems administrators conducted by the Enterprise Service Alliance, a consortium of Mac-based software vendors, showed companies expected the proportion of Macs within the enterprise to rise from three per cent of corporate systems in 2009 to five per cent by 2011.
Most IT leaders wouldn't countenance the idea of replacing their PC estate with Apple's Mac alternatives, but there is a growing acceptance that employees may be more comfortable with using their home system at work, said David Roberts, executive director of the blue chip IT users group, the Corporate IT Forum.
"So it may well be the case that there will be more Mac systems in the enterprise in future," he added.
But can Apple really be treated as enterprise ready? Its approach to security may give some IT leaders pause for thought.
The latest security update for Apple's OS X operating system addressed around 130 vulnerabilities. While the sheer number of vulnerabilities may have further dented Mac OS's supposed reputation for being secure, it is the sheer difficulty of assessing and verifying that a patch that size can be safely deployed which will concern IT professionals.
The key to managing security patches is to understand which systems need to be patched and to be able to test the patches in a timely manner, said John Kindervag, a senior analyst at Forrester Research.
"Security professionals must also agree with business units on a strategy for testing third-party applications," he said.
That process is made more difficult when vendor patching programmes deliver unexpectedly large updates, added Roberts.
"CIOs absolutely have to ensure that companies' computers are fully secure," said Roberts. But it is essential that the process is as painless as possible, he added.
If you actually did some due diligence as a reporter and looked at the list of what Apple patched with 10.6.5, you would see that most of the patches were for the many open source and third party components of Mac OS X. In fact an enormous number of these patches (almost half) were for the Flash plugin which up till recently Apple bundled with OS X. Can you see now why Apple has stopped bundling the Flash plugin with new Macs shipped and like Windows now requires users to download the plugin for themselves direct from Adobe?
Other patches were for open source components such as Apache, CUPS, Gzip, MySQL, OpenLDAP, OpenSSL, PHP, Python, X11 etc.
I assume you will now report that enterprise users should not trust Linux for their servers because all of these open source vulnerabilities were present in Linux as well? *shakes head*
-Mart
Posted by: Martin Hill 18 Nov 2010
Hint: It's not any Unix based OSes.
"But can Apple really be treated as enterprise ready? Its approach to security may give some IT leaders pause for thought."
Only if one has any clue what they are talking about.
Because the Macs are secure, no way they will want them--it's bad for job security.
Posted by: Brian 18 Nov 2010
Apple tries to be proactive in finding bugs in their software and software they use from other vendors, like all the Flash bugs included in this update. As far as deploying this patch, it's a piece of cake and can be delivered when required using an on-site software update server (part of OSXServer). As far as figuring out which systems need to be patched, that's easy. Just about every Mac can use the same OS installation, unlike Windows PCs that require special drivers. The OSX updater knows what it's looking at and updates it properly. As for the recent problem with PGP, that's a design problem by PGP changing the boot.efi file, a file no vendor should ever touch. As far as securing Macs, it's actually easy. Just make sure all the normal settings are configured properly (Apple's security guide does this fine) and have users configured to use the non-admin user for daily use, only using the admin user (different account and password) when absolutely necessary. If you've ever run a Mac-based system you would know these things.
Posted by: Peter 18 Nov 2010
Have your say on this article
Newsletters
Latest stories from Client
Latest videos
You may also like
Client jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
