While my regular clients hire MacMaven for IT and information security work, I often get calls from new clients with computing problems. An analogy could be made with plumbing. A plumber’s big jobs involve installation of pipes, sinks, showers, etc. Oftentimes a plumber is called to deal with a clogged toilet. These are the…
Category: Security
Posts about information security
Categories
CISO vs Director of Information Security
Companies that require information security leadership typically hire someone in a CISO or Director of Information Security position. You might be wondering what the differences are between these security top dog roles. At their core, they have the same responsibility – to protect a firm’s data and systems. However, what a recruiter or job ad…
In the latest versions of iOS 11 and macOS High Sierra, you now have the option of storing your iMessages in iCloud. There are two benefits. First, your messages are synced across your devices. When you delete a conversation on one device, the conversation is deleted on all your devices. Second, your older messages…
In light of the recent Facebook data harvesting incident, I took a closer look at developer access to the Contacts app in macOS and iOS. The first time you open a third-party application that wants access access to your contact info, you’ll get a prompt asking for your permission. It’s bad enough that the app…
Categories
Should I know my employees’ passwords?
If you’re a business owner or manager, you might feel that it’s your duty to maintain a list of your employees’ passwords. After all, you might need access to their documents or email when they are out of the office. Even worse, an employee could resign without notice. So knowing their passwords seems the logical…
Categories
Meltdown and Spectre vulnerabilities
It’s now more important than ever to keep your Macs and iOS devices fully updated. Apple has addressed the Meltdown vulnerability in High Sierra 10.13.2. A supplemental update to 10.13.2 addressed the Spectre vulnerability in Safari and Webkit. Apple has also released Safari 11.0.2 for Sierra and El Capitan. Note that Apple has not…
Categories
Two-factor authentication
If you’ve been putting off enabling two-factor authentication (2FA) on your internet accounts, you shouldn’t. 2FA is one of the simplest and quickest ways to protect your online presence. You need 2FA because it’s just too easy for a hacker or other bad actor to obtain your username and password. The most common method to…
Categories
Security Through Obscurity
Tomorrow Apple is holding its big media event to debut the new iPhone, Apple TV, and Apple Watch. Unfortunately, the details of these products were leaked. According to John Gruber, a disgruntled Apple employee obtained the URLs to the device “golden master” firmware and sent the URL list to 9to5Mac and MacRumors. This leak…
Categories
Backup strategy for Mac ransomware
Macs are not immune to ransomware. The first functional Mac ransomware was found in the wild last year. A good backup strategy is critical if you’re hit with this type of malware. Mac ransomware will grow more sophisticated over time. With this in mind, here are a few tips: Assume that any connected backup drive…
Apple’s Profile Manager is an example of a Mobile Device Management (MDM) system. Despite the “mobile” designation, many MDM systems can manage desktop computers. The Profile Manager is no exception. It can be used to centrally configure and lock down Macs, iPhones, iPads, and Apple TVs. While there are a huge number of MDM vendors for iOS devices,…