Tuesday, June 3, 2008

Leopard Security Guide

Apple released a 3.4MB PDF security guide, detailing on how to secure Mac OSX Leopard clients. You can also refer to this ZDNet blog, where I first saw the posting about this guide.
Using this document might require you to be familiar with the Terminal command line style of enabling/disabling features.

The following are the list of topics in the guide:
  • Chapter 1, “Introduction to Mac OS X Security Architecture,” explains the infrastructure of Mac OS X. It also discusses the layers of security in Mac OS X.
  • Chapter 2, “Installing Mac OS X,” describes how to securely install Mac OS X. The chapter also discusses how to securely install software updates and explains permissions and how to repair them.
  • Chapter 3, “Protecting System Hardware,” explains how to physically protect your hardware from attacks. This chapter also tells you how to secure settings that affect users of the computer.
  • Chapter 4, “Securing Global System Settings,” describes how to secure global system settings such as firmware and Mac OS X startup. There is also information on setting up system logs to monitor system activity.
  • Chapter 5, “Securing Accounts,” describes the types of user accounts and how to securely configure an account. This includes securing the system administrator account, using Open Directory, and using strong authentication.
  • Chapter 6, “Securing System Preferences,” describes recommended settings to secure Mac OS X system preferences.
  • Chapter 7, “Securing Data and Using Encryption,” describes how to encrypt data and how to use Secure Erase to verify that old data is completely removed.
  • Chapter 8, “Securing System Swap and Hibernation Storage,” describes how to secure your system swap and hibernation space of sensitive information.
  • Chapter 9, “Avoiding Multiple Simultaneous Account Access,” describes how to avoid fast user switching and local account access to the computer.
  • Chapter 10, “Ensuring Data Integrity with Backups,” describes the Time Machine architecture and how to securely backup and restore your computer and data.
  • Chapter 11, “Information Assurance with Applications,” describes how to protect your data while using Apple applications.
  • Chapter 12, “Information Assurance with Services,” describes how to secure your computer services. It also describes how to protect the computer by securely configuring services.
Although out of the box Macs are more secure than Windows, this however should not lead to complacency. One should still secure it, to ensure the safety and integrity of the information stored in your Mac.

Previously, I've also written a post here on the bare minimum security to be enabled on Tiger. I did not write one for Leopard as it is quite similar to Tiger. Just that the steps are slightly different due to the different operating systems.

No comments:

Visit Rhinestic's Knick Knacks @ Etsy for handmade goods and supplies!

Related Posts Plugin for WordPress, Blogger...