The National Security Agency (NSA) has posted Security Configuration Guidelines for Apple's Mac OS X 10.5 (Leopard) operating system.
The National Security Agency (NSA) has posted Security Configuration Guidelines for Apple's Mac OS X 10.5 (Leopard) operating system.While the agency's advice may not be sufficient to stop a government agency like, say, the NSA, from accessing one's Mac, it should significantly improve one's security posture against less capable hackers.
Don't access the Internet or read e-mail using an Admin Account. Admin Accounts should be used for system administration tasks only.
Use Apple's Software Update control panel to keep systems up-to-date. Set it to check for updates daily. In environments not connected to the Internet, verify that the SHA-1 digest of downloaded updates matches Apple's published digest.
In the System Preferences Accounts Pane, disable Automatic Login, User List, guest accounts, and sharing.
In the System Preferences Security Pane, set Require Password when waking the computer from sleep or a screensaver. Also, disable automatic login, use secure virtual memory, and disable remote control infrared receiver if present. Consider activating FileVault, particularly for portable systems.
In the Firewall tab, select "Allow only essential services." Click the Advanced button and enable Firewall Logging and Stealth Mode.
The NSA recommendations also cover securing users' home folder permissions, physical security, disabling IPv6, AirPort and other unnecessary services when not needed, disabling Setuid and Setgid binaries, configuring and using both firewalls, among other suggestions.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.