What about using a Mac in your Business: Part 1

So, why would you consider bringing OS X devices into your business?
With iOS, Apple has made a distinguished move into enterprise  and education and with this move there is now an even greater emphasis on user experience and user preferences for devices. 

Mac and iOS devices are similar in that they’re all designed around the same principles. These principals are the ( 1 ) seamless integration between hardware and software, ( 2 ) powerful ecosystems of applications and most importantly ( 3 ) creating the best possible experience for users that are operating the device. Using Mac in your business also means employees who may be familiar with how to use and iPhone or iPad will be very comfortable to work on a Mac. OS X also comes with many of the same applications as iOS, so no matter what device they choose to work from they have a similar, seamless experience. 

In many of my conversations with business owners and IT persons, I generally hear that they are concerned about two key things: ( 1 ) Security on the Mac and ( 2 ) Integration of OS X into systems and services already in the business. As a ( 3 ) I also find that the knowledge of how to manage OS X and IOS once deployed in the business is also missing. There is a general fallacy that “ Macs don’t integrate” and that they are “Nice” devices that “don’t really work in business”.

So, lets look critically at if these assumptions are correct. In Part 1, I would like to look at security on OS X.

OS X is a very secure operating system. For example, you may have heard that it is uncommon for OS X to get viruses ( or at least get viruses in the same way as a PC does). Ultimately, you should be aware of Viruses and Malware - especially when you exchange files with computers on other operating systems. Most OS X users will use commercially available antivirus software can help prevent virus forwarding - the process whereby your device is not directly effected by the malicious software, but you can forward it onto other users for whom the software may be effective. 

What you really want to know: can I secure the data on the device, can I secure access to the device and how do I keep the devices secure and virus free for the maximum uptime?

How Apple secure's data:

Apple can secure your data at rest on the OS X device via a built in feature called FileVault. FileVault is an encryption method on OS X that can be implemented very easily, either via your IT department our by the user themselves.  Basically, FileVault prevents access to documents and other data that is stored on your hard drive with XTS _ AES 128 encryption. It does this by creating a new volume standard on the drive called OS Extended (Journaled, Encrypted) and using the users login password to lock the disk. When you switch it on, you are given the opportunity to allow your iCloud password to unlock the disk, or a separate recovery key. To this authors knowledge, there are no current reports of a FileVaulted disk being accessed by a 3rd party without the password or recovery key. There are also institutional methods that can be used to store and deploy FileVault in the Enterprise setting. What is key here is that this feature is built in: there is no additional purchase of software to keep your data secure and to switch it on takes a few minutes. 

For more information on FileVault ( including how to switch it on ) see:

How do we keep the user from installing harmful software. 

So, you have a clear method to keep the data on the device safe, what about managing the software that gets installed on the device. Securing the device against unauthorised software is a key aspect to keeping the devices running correctly, and securely. For this, Apple has a built in feature called Gatekeeper that examines the source of the software before the user can install it. It limits the ability of a user to download and install potentially harmful software onto their Mac via a very simple interface of choices: Mac App store Apps only, Mac App Store apps and Apps from an identified developer and from Anywhere. This, like FileVault above, is built into OS X and does not require additionally purchased software to implement. 

For more information on Gatekeeper ( including how to switch it on and manage it ) see :

A final feature to mention would be that OS X prevents hackers from harming your programs through an inbuilt concept called “Application Sandboxing”. Sandboxing restricts what actions programs can perform on your Mac, what files they can access, and what other programs they can launch. You can think of it as isolating the applications on OS X so they can’t speak and communicate with each other: except through specific, highly controlled channels. 

How do we keep OS X secure and maximise uptime:

Along with Application Sandboxing, the best way to keep OS X secure and functioning correctly is design the system to be tamper proof. Computers are traditionally NOT tamper proof, and this is both a plus and a minus since to make it tamper proof is to limit someones ability to customise the operating system to their needs. What is a fair medium to to make the operating system editable by only registered developers and Apple itself: the only people that can drastically edit and tamper with the operating system are persons authorised to do so. 

New on ElCapitan is a feature called System Integrity Protection. What System Integrity Protection does is restrict all the user accounts and limits that actions that any user can perform on protected parts of OS X. Because of this limitation, any software or user that tries to modify the core system items of the device will not be able to, meaning that the devices’s core system remains tamperproof. In effect, the operating system therefore becomes isolated from the user data on the device, meaning that it runs more securely and has less opportunity to be effected by users or malicious software on the device. 

Apple are really the only ones that are able to drastically edit this part of the system, and they do this via the Software Update function. So Apple keep the operating system running in good order by limiting the modification of the core OS items and  encouraging you to run updates whenever available. This is great because it means that OS X is maintained via the simple process of a user running software updates.

So, fundamentally, OS X is a very secure operating system that has advanced, built in technologies that keep it and the user secure. It is designed with a suite of technologies that all work together to consistently monitor, update and encrypt the content of each device. 

In Part 2, I will look at how your Mac will integrate with existing systems that you may be running in your business.