“Macs are totally secure.”
“Macs don’t get malware.”
“Macs are way more secure than PCs.”
We hear these statements from clients all the time—most commonly from decision-makers pushing back on installing security tools like antivirus or DNS filtering on their Macs. While this is a common viewpoint, the truth is that Mac users are susceptible to cyber-attacks and Macs need all the same protection that Windows workstations need.
The most important thing to know is that the vast majority of attacks are not about the computer but about the human behind the computer. Social engineering and phishing attacks account for over 75% of cyber-attacks and those have an equal chance of succeeding on any operating system (even mobile).
While it is true that there are more known malware attacks on Windows computers than on Macs, this is partly a result of there being significantly more Windows machines than Macs out there. When an attacker wants to create malware with maximum impact, they usually choose to do so in Windows rather than spend time on something that will only affect less than 10% of users. However, as Apple continues to gain market share in the PC market, attackers are increasingly taking aim at macOS.
Other major vulnerabilities are also applicable to both platforms. If a user doesn’t have a strong password on their computer or if their disk is not encrypted, an attacker or thief can easily access the data regardless of the platform. Centralized enforcement of basic security measures like secure passwords or disk encryption are essential for all types of workstations.
One sure sign that macOS is vulnerable to security threats is that Apple regularly pushes out high-priority security updates. Everyone is familiar with Microsoft’s frequent security patches, but Apple does the same (albeit less frequently). Thus far in 2019, Apple has pushed out 10 major security updates for macOS, all of which were prompted by verified vulnerabilities. And at the most recent DEF CON security conference in August, Apple security research Patrick Wardle (who works for Jamf, the leading Apple enterprise management software) demonstrated the ease of defeating the anti-malware defenses in macOS.
Based on our experience and our research, we can definitively say that Macs and Mac users need all the same security measures that their Windows counterparts have. Basic security tools like antivirus, DNS filtering, password and drive encryption enforcement, automatic OS updates, and phishing testing and training are essential for computers and users on both platforms.