Categories
Security

Two-factor authentication

If you’ve been putting off enabling two-factor authentication (2FA) on your internet accounts, you shouldn’t. 2FA is one of the simplest and quickest ways to protect your online presence. You need 2FA because it’s just too easy for a hacker or other bad actor to obtain your username and password. The most common method to…

Categories
Security

Security Through Obscurity

  Tomorrow Apple is holding its big media event to debut the new iPhone, Apple TV, and Apple Watch. Unfortunately, the details of these products were leaked. According to John Gruber, a disgruntled Apple employee obtained the URLs to the device “golden master” firmware and sent the URL list to 9to5Mac and MacRumors. This leak…

Categories
Security

Backup strategy for Mac ransomware

  Macs are not immune to ransomware. The first functional Mac ransomware was found in the wild last year. A good backup strategy is critical if you’re hit with this type of malware. Mac ransomware will grow more sophisticated over time. With this in mind, here are a few tips: Assume that any connected backup drive…

Categories
macOS Server Security

Alternatives to Profile Manager for Macs

  Apple’s Profile Manager is an example of a Mobile Device Management (MDM) system. Despite the “mobile” designation, many MDM systems can manage desktop computers. The Profile Manager is no exception. It can be used to centrally configure and lock down Macs, iPhones, iPads, and Apple TVs. While there are a huge number of MDM vendors for iOS devices,…

Categories
macOS Security

NIST SP 800-179: Securing Apple OS X 10.10 Systems

  I noticed that NIST recently published the Draft Special Publication 800-179: Guide to Securing Apple OS X 10.10 Systems for IT Professionals. I’m looking forward to reading it. The public comment period is June 23 through August 15th, 2016. The authors are careful to note that the recommendations only apply to 10.10, Yosemite. (System Integrity Protection,…

Categories
macOS Security

Ditching Adobe Flash on the Mac

  While I’ve kept Flash updated religiously over the years, last month I finally reached the point where the plugin was adversely impacting my Mac Pro’s performance. So I uninstalled Flash. This rectified the stutters and I eliminated one of the Mac’s most vulnerability-plagued pieces of software. Here’s a list of vulnerabilities that have been discovered in Flash…

Categories
Security

iCloud Keychain vs. 1Password

  There are several password manager products available for the Mac and iOS. In this post, I’ll focus on iCloud Keychain (free) and 1Password 5 ($49.99 for the Mac app). There are other popular options, such as LastPass and Dashlane, which store your passwords in the cloud. While it’s theoretically safe to store your data encrypted in the cloud,…

Categories
Security

Little Snitch first impressions

I started using Little Snitch (version 3.5.1) a couple of weeks ago. It’s a software firewall for the Mac, with a primary focus on outbound connections. This is also known as a reverse firewall. There are many thorough reviews of Little Snitch available on the web, so I’ll just add my impressions: This is not a…

Categories
Security

PingFederate Consulting

MacMaven Consulting offers PingFederate architecture, installation, and support services. In the first part of our SSO series, I explained what SSO is, and the special flavor of SSO called federation. In this post, I’ll give a brief introduction to PingFederate. PingFederate, a product of Ping Identity, is one of the most popular enterprise solutions for…

Categories
Security

SiteMinder Consulting

MacMaven Consulting offers SiteMinder architecture, installation, integration, development, and support services in the New York City area. Introduction to SSO: Many large corporations have turned to off-the-shelf software for handling their SSO (single sign-on) needs. You have experienced SSO on web sites, even if you haven’t noticed it. SSO is used to jump from one…