Apple users say their Macs are a more secure working tool than Windows-based PCs. Historically, UNIX-based systems were less popular among users and hackers, so today many end-users and businesses (especially SMBs) tend to think that using Macs make them totally secure, without any extra measures necessary.<\/p>\n
Unfortunately, it\u2019s not exactly true. Aside from the fact that OS X have its share of bugs \u2013 Apple patches them in numbers on a regular basis \u2013 there are also global, non-platform specific security issues.<\/p>\n
If you\u2019re only responsible for your own hardware, all you have to care about is your own bank cards and personal documents. But what if it is a corporate hardware that is regularly used within your company network?<\/p>\n
Wi-Fi and Macs: avoiding trouble #protectmybiz<\/p>Tweet<\/a><\/blockquote>\n
Most remote workers are\u00a0a potential vulnerability in a corporate network. An infected device authenticated within the network puts the entire network at risk, possibly ringing alarms for the entire IT staff and security service (not just IT security) in the company.<\/p>\n
How<\/strong> it<\/strong> happens<\/strong><\/p>\n
A weekday morning. You\u2019re in your favorite coffee shop. You take your first sip of a coffee and you start waking up \u2013 finally. Then you open your laptop and check work e-mail, then social networks \u2013 of course. A nice beginning. Coffee\u2019s good too (keep in mind, though, that doctors don\u2019t recommend exceeding four cups a day). Ah, yes, there\u2019s a transaction to be completed before the end of the day.<\/p>\n
But there\u2019s a problem: most likely you\u2019re using an open \u2013 i.e. public \u2013 Wi-Fi.<\/p>\n
Pitfalls<\/strong><\/p>\n
Wi-Fi networks in the caf\u00e9 and other public places are usually secured in following ways:<\/p>\n
\n
- None. Unfortunately. So within the hotspot range (10-40 yards) it\u2019s no big deal for a crook to intercept your traffic with whatever confidential data it contains. The bad guy doesn\u2019t even have to be in the same room with you.<\/li>\n
- WEP (Wired Equivalent Privacy). A temporary key is used to encrypt the traffic. By analyzing 8-10 thousands of packets, a hacker can access next to any of the transmitted data.<\/li>\n
- WPA and WPA-2. Encryption is conducted with an individual key generated for every user It supports TKIP and CCMP encryption technologies. WPA is the best way of securing traffic<\/li>\n<\/ol>\n
Regardless, there\u2019s no guarantee that you are completely secure, even if WPA\/WPA-2 is used. There is a multitude of ways for hackers to access all of the data transmitted.<\/p>\n
There\u2019s no guarantee that you are secure on a public WiFi, even if WPA\/WPA-2 is used. #protectmybiz<\/p>Tweet<\/a><\/blockquote>\n
Some wildlife examples<\/strong><\/p>\n
\n
- You send an e-mail with the quarterly finance report to your colleague. If there\u2019s an attack going on, it is a malefactor who receives this report first; he then proceeds with reading and altering it then sends it on its way. Your colleague receives incorrect\u00a0data, thinking that it is you who sent it.<\/li>\n
- While you are connected to an open Wi-Fi, the malefactor retrieves your MAC-address, alters it and accesses your corporate network. Then it is all up to this network internal architecture, of course (i.e. how it is secured and segmented), but the first entry point is reached.<\/li>\n<\/ol>\n
These are not the only possible scenarios, but we\u2019ll try to secure ourselves.<\/p>\n
Bolt and bar the shudder\u2026<\/strong><\/p>\n
Automating the employees\u2019 security is better than running hours-long, exhausting drills on security. And we do our best to help here. In the latest version of Kaspersky Small Office Security suite OS X-based PCs are protected as well.<\/p>\n