![]() In high school, I had read a *NIX book during detention (There was a time when I just didn’t like going to class…), and I consider that experience to be one of the defining moments of my life. I had been coding sprites since I lost my first teeth, learned BASIC and was already on IRC and BBS’s, but UNIX was a gloriously complex and special thing. We didn’t have Linux back then really, People primarily used FreeBSD and some of the other commercial distros. I still consider myself a System V fangirl, after paying many years of dues in UNIX Technical Operations for a large managed hosting company. That’s how I got into security, so I’m really a paranoid UNIX admin who happened upon security.īut I digress. Mac OS X is extremely secure to begin with, with fantastic built-in features such as full-disk encryption with FileVault, a firewall, many sharing and other more risky features disabled by default, and GateKeeper for application protection. The standard features are great for most people, but remember – I’m paranoid. Security can generally always be improved for any device, system, solution, etc. When I install a fresh copy of MacOS X, there are certain pieces of software that I absolutely must install, and most are security tools. I’ve compiled a list of the security software I tend to install on every Mac I use. These vary from network firewalls to monitoring of specific IOCs (indicators of compromise). I’m not affiliated with any of these companies (that I know of), these are just awesome tools I recommend. You’re perfectly okay only using stock Mac OS X, as these tools are mostly monitoring tools for the truly paranoid. The Mac OS X Firewall works perfectly fine, but there are tools that offer additional functionality. At this point we are about 25% Ventura, but there are no concerns about any user updating.In no particular order, these are my top pieces of software for protecting your Apple Mac OS X computers: These tools may also adversely affect performance, because they are constantly watching. Some stuff needed to be updated, we had to deploy some nonLTS releases but we got it done. I simply explained what was going on with our security partners in October, and made plans. That Security tool is now in the process of being replaced. We had Ventura fully validated by Mid November less one security tool. There are 7 security clients on our devices, as well as a full testing and validation parity to our windows environment which is 99% of our devices. I work in a very old company in the finance sector that is very much stuck in its ways. I cannot stress enough, submit feedback.Īs far as older organizations. People who did not test in that time ignored the writing on the wall. We had from June to October for testing along with all of our security vendors. My main point is Apple has been very obvious about this shift. I am sure we would both agree on how horribly Apple is handling all of this. Personally I think Apple should be working harder to encourage participation, and Apples AppleSeed Program is total crap but it what we must deal with to use Apple Products. Its an investment thing, not all vendors are really invested in macOS as a platform. We got rid of the vendors that took their sweet time to validate macOS. They should release new OSs every other year like it used to be in the past rather than a new OS for the sake of releasing a new OS every year.Īs for 3rd party vendors, we have had the same issue. I feel Apple does release new versions of macOS too frequently. The biggest sin I find in this is apples insistence in releasing the new OS going in to 4th quarter with many people out on holiday during the testing period. Considering Apple only patches all security findings in the current release of macOS, it should be all of our goals to get to current as soon as possible. Generally speaking 3 months is 25% the way though the life cycle of any macOS release. Its on to users as to what they do at this point. ![]() (Either delaying major and minor updates)Īdditionally, when my profiles actually take effect, they lose it after a restart for example.Ĭurrently they don't seem to take effect not even temporarily.Īpple is not forcing the update, they are simply preventing us from blocking it. Even on macOS Big Sur, Ventura is appearing as available. ![]() If you currently have a longer delay period for major update than minor updates, increase your minor update delay to match the desired major delay period." - That's the first thing we tried and it's not working Use both the major and minor update delay settings to prevent Mac computers in your organization from offering macOS Ventura for up to 90 days. Anyway, the info published by Apple here is not precise in the least: Ĭontinue to use the major update delay setting to prevent Mac computers in your organization from offering macOS Ventura for up to 90 days." - tested several times and it's not working (edited)
0 Comments
Leave a Reply. |