The information technology (IT) blogs and trade press are awash in articles about the bring your own device (BYOD) phenomenon. Many corporate system users have opted to provide their own Apple laptops over the more commonly employer-provided Windows laptops. The reasons and assumptions driving this behavior won’t be addressed in this review. But understanding the security features and requirements of this alternate platform is critically important, and Enterprise Mac security covers the key concepts and techniques needed to increase Mac endpoint (laptop) security. However, this book is not for the casual user of Apple MacBooks; it does require some technical background and understanding of the recommended OS X security features. Thus, the book is most useful for system administrators and policymakers who are responsible for corporate security where there are many employees who use Mac laptops.
The authors have extensive industry experience managing Apple systems, publishing about OS X, and presenting at security-related conferences. Their coverage of Mac-related security topics is comprehensive and well written, and includes numerous helpful screenshots and examples of the relevant OS X administrative tools. The authors also emphasize that OS X and MacBooks are not necessarily “more secure” than other laptops and operating systems; they correctly point out that misuse and careless configuration and maintenance can lead to security compromises regardless of a platform’s reputation.
This book, now in its third edition, focuses on the current OS X El Capitan (10.11) release, but the content is generally applicable to prior and future OS X versions. It begins with a “quick start” chapter, suitable for casual Mac users, that covers security basics such as system defaults, user and password administration, basic encryption, FileVault, and keychains. That chapter concludes with a “Best Practices” summary directing the more experienced readers and administrators to the more detailed later chapters.
Many of the chapters highlight basic Unix security concepts and settings, since OS X is indeed based on BSD Unix. So, administrators familiar with Unix will find many of the authors’ recommendations to be quite common and understandable.
Enterprise Mac security comprises five major sections: “The Big Picture,” “Securing the Ecosystem,” “Securing the Network,” “Securely Sharing Resources,” and “Securing the Workplace.” Of particular value are the chapters on protecting applications, combating malware, and detecting intrusions. The authors also discuss and recommend open-source tools to assist in access control, such as nmap, tripwire, snort, nessus, and even metasploit, although readers are cautioned to thoroughly understand and to use these programs carefully.
One difficulty with the book is the index, which omits references to many terms and concepts mentioned in the chapters, for example, the Unix commands. A more thorough index would be helpful to OS X administrators wanting to use the book as a frequent reference.
A puzzling omission by the authors, considering their experience with US government agencies, is any reference to the US Defense Information Systems Agency (DISA) security technical implementation guides (STIGs) for OS X [1] and the Center for Internet Security’s Apple OS X benchmark [2], both of which provide additional valuable information and insight for OS X security (and not just for government users).
Overall, Enterprise Mac security is a valuable resource for securing Apple OS X, and is the most current and comprehensive guide for the El Capitan release.