Categories
Security

Mac unified log collection options

It’s important for any business with more than a handful of computers to centrally collect security logs. A SIEM greatly improves situational awareness through event correlation and automated alerts. Apple provides a command-line tool and an API to extract event logs. For those businesses that prefer commercial software, Jamf Protect sends macOS…

Categories
Applications, Security

Bitwarden password manager

I’ve been a fan of 1Password for years. It has served me very well, and I recommend it without reservation to most of my clients. Unfortunately, I had to stop using it because of DoD CMMC requirements. When storing CUI (controlled unclassified information), any cloud service must be either FedRAMP authorized or have FedRAMP-equivalent security.…

Categories
Security

Mac security log collection

In corporate environments, the collection and analysis of security logs isn’t just best practice. It’s often a compliance requirement. As with most business solutions, there are server and client components for log collection. The client software reads the security log generated by the operating system. The server ingests the logs sent by the clients. Additional…

Categories
Security

Clicking on links can be a risk

The safest way to visit a website is to type the address of the website (e.g., apple.com) into your browser’s address bar. If it’s a site that you visit frequently, bookmark it. Here are two common ways that attacks are initiated: A deceitful email contains a link to a phishing web page. The email is…

Categories
Security

QuickBooks Desktop and FIPS encryption

If you’re a DoD contractor, you might have tried to use the Windows “FIPS mode” with QuickBooks Desktop. Unfortunately, QuickBooks does not run when Microsoft’s FIPS-compliant encryption libraries are enabled. This creates a potential problem for contractors who need to be compliant with NIST 800-171 requirements. Data-at-rest doesn’t necessarily need to be encrypted (see 3.13.16),…

Categories
Security

NIST 800-171 compliance in Mac-based offices

If you’re a Department of Defense contractor in New York City, MacMaven Consulting can help your company attain CMMC certification. For those companies using Macs and still searching for security expertise, here is some advice from the trenches: Hire a consultancy that has extensive experience in information security, ideally at large businesses. If a firm’s…

Categories
Networking, Security

VPN remote access

Working from home is the new reality under the threat of COVID-19. While large enterprises have had remote access capabilities for years, most small businesses haven’t addressed this need. Given that 34% of Americans work at a small business, it’s likely that millions of Americans aren’t able to work remotely. If you’re a small business…

Categories
Security

Should I worry about information security?

Most of my long-term clients have made information security an integral part of their computing. We spend significant time on improving the security of their systems. When I visit a new client, I know what to expect. There are almost always significant deficiencies in security controls. 20% of my new clients have adware/malware that they…

Categories
Security

Mitigate spoofed email

You’ve probably noticed that fraudsters spoof email addresses in their phishing attacks and other scams. They are probably spoofing your company’s email addresses too, sending messages to your customers and employees. While spoofed email using your domain name can’t be eliminated entirely, it can be reduced and/or marked as spam. You can also increase the…

Categories
macOS, macOS Server, Security

YubiKey smart card login with Open Directory

Yubico sells Mac-compatible USB authentication keys for two-factor authentication. Its YubiKeys support a slew of authentication mechanisms. I just started working with their FIPS-validated key for one of my clients. Yubico’s FIPS keys appear to be functionally equivalent to their YubiKey 4 series. (Yubico is currently selling the 5 series for those customers without a need for…