{"id":19597,"date":"2022-07-14T07:10:06","date_gmt":"2022-07-14T15:10:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/07\/14\/news-13330\/"},"modified":"2022-07-14T07:10:06","modified_gmt":"2022-07-14T15:10:06","slug":"news-13330","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/07\/14\/news-13330\/","title":{"rendered":"Endpoint security for Mac: 3 best practices"},"content":{"rendered":"

Credit to Author: Bill Cozens| Date: Thu, 14 Jul 2022 14:35:10 +0000<\/strong><\/p>\n

If you\u2019re one of the 50% of small and medium-sized businesses (SMBs) that use Mac <\/a>devices today, chances are your IT and security teams have a ton of Mac endpoints to monitor. <\/p>\n

Securing that many endpoints can get really complex, really fast, especially when you consider that the common wisdom that Macs don\u2019t get malware<\/a> simply isn\u2019t true: in fact, the number of malware detections on Mac jumped 200%<\/a> year-on-year in 2021. <\/p>\n

And it\u2019s not just malware you have to worry about with your Mac endpoints. <\/p>\n

Phishing attacks, vulnerability exploits, DDoS attacks, and much more threaten your company’s Macs at any time \u2014 and if any of them are successful, it could cost your business millions in lost productivity and information theft<\/a>. <\/p>\n

Needless to say, these are a lot of different threats to deal with when it comes to Mac endpoint security. But Thomas Reed, Director of Mac & Mobile at Malwarebytes, is here to remind us of a few simple things we can do to make our Mac endpoints more secure. <\/p>\n

In this post, we break down three of Reed\u2019s best practices for endpoint security for Mac. <\/p>\n

1. Update frequently<\/h2>\n

As in the Windows world, one of your top priorities needs to be keeping your Macs up to date \u2014 and by now we should all understand why<\/a>. Just consider the fact that 60% of companies say breaches could have been avoided<\/a> if they had patched known vulnerabilities. <\/p>\n

Tracking and patching vulnerabilities on macOS, however, is a little more difficult to do than on Windows. <\/p>\n

While Microsoft regularly advertises its security updates with its Patch Tuesdays<\/a>,  Apple slips in patches on an ad-hoc basis \u2014 meaning MacOS admins need to put in a little more legwork to keep their devices up-to-date.<\/p>\n

To ensure that you know about the latest updates for your Mac endpoints, there are two things you should do.<\/p>\n

    \n
  1. Sign up for Apple\u2019s public security notifications and announcements mailing list<\/a><\/strong>. You\u2019ll get an email anytime Apple releases a patch for macOS.<\/li>\n
  2. Regularly check Apple\u2019s list of security updates and patches<\/a>.<\/strong> It provides patch names, patch information, affected devices, and release dates.<\/li>\n<\/ol>\n

    Additionally, if you\u2019re like most businesses and find that having no common view of assets is causing you major delays in patching, you should consider a vulnerability management solution<\/a> that gives you instant visibility into potential vulnerabilities<\/a> across your macOS environment.<\/p>\n

    2. Use a DNS filter to stop web-based attacks<\/h2>\n

    Since Macs have a much smaller amount of \u201ctraditional\u201d malware attacking them compared to Windows, you might think your endpoints are in the clear of cyberattacks. <\/p>\n

    Not so. <\/p>\n

    Instead of file-based malware, a lot of Mac users get attacked with adware<\/a> and PUPs<\/a> that are typically delivered through a number of web-based scams. These threats can throw advertisements up on your screen and slow your computer down, among other things.<\/p>\n

    OK, that sounds annoying. But surely a few advertisements aren\u2019t too big a threat to your Mac endpoint security, right? Not quite<\/a>, says Thomas Reed.<\/p>\n

    \u201cSome of the adware out there is more sophisticated than most of the malware that we see for Mac,\u201d Reed says. \u201cIt can do all kinds of stuff, like sending all your network traffic through a proxy or changing system settings to be less secure.\u201d<\/p>\n

    Reed also mentions that a lot of adware and PUPs are part of the payload of scam sites that direct you to some kind of installer that you download \u2014 and so having some sort of web-based protection is vital. That\u2019s where DNS filtering comes in<\/a>.<\/p>\n

    \u201cThe source of all of these kinds of attacks is through the web, and DNS filtering can help with that by blocking some of those sites,\u201d Reed says.<\/p>\n

    DNS filtering blocks connections<\/a> to malicious web servers attempting to deliver malware payloads, so any business interested in Mac endpoint security should have it. Learn more about the ways DNS filtering can save your business from cyberattacks<\/a>.<\/p>\n

    3. Don\u2019t rely on Mac AV – use EDR <\/h2>\n

    Since 2009, Apple has included a built-in antivirus (AV) technology called XProtect on all Macs \u2014 and while it\u2019s fairly good, there are a lot of threats that it doesn\u2019t detect (that a third-party would<\/a>).<\/p>\n

    \u201cYou can’t rely on the built-in antivirus that’s in Mac OS to do the job,\u201d Reed says. \u201cYou really need to have something else on top of that.\u201d<\/p>\n

    Even so, let\u2019s be overly generous and say XProtect and your third-party AV detects and removes every Mac malware threat. Throw in the fact that traditional AVs can\u2019t prevent sophisticated threats such as file-based malware<\/a>, and you just may be left wondering what you can do to best protect your Macs from damaging endpoint attacks.<\/p>\n

    Endpoint detection and response (EDR) <\/a>is the answer. <\/p>\n

    EDR gives you a real-time \u201cbirds-eye view\u201d of all of your Mac endpoints, so whenever something happens outside the norm, you isolate an endpoint, quarantine the threat, or remediate. This stands in stark contrast to more reactive signature-based solutions (like AVs) that allow malware to execute before working.<\/p>\n

    A key feature of EDR is its threat hunting capabilities. Read our Threat Hunting Made Easy eBook to learn<\/a> how to save hours every month on threat investigation and response.<\/p>\n

    Prevent your Mac endpoints from online threats <\/h2>\n

    With everything from security vulnerabilities to malware threatening your company’s Macs at all times, Mac endpoint security is high-up on the list of priorities for macOS admins. In this post, we explained how macOS admins can stay on top of their patching game and why having a DNS filter and EDR are so essential for protecting Mac endpoints from a variety of threats. <\/p>\n

    Want to learn more about what simple and effective Mac endpoint protection looks like in action? Watch the demonstration of Malwarebytes Endpoint Detection and Response (EDR<\/a>)!<\/p>\n

    The post Endpoint security for Mac: 3 best practices<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

    https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    Credit to Author: Bill Cozens| Date: Thu, 14 Jul 2022 14:35:10 +0000<\/strong><\/p>\n

    In this post, we break down three endpoint security for Mac best practices to help you prevent phishing attacks, DDoS attacks, and much more.<\/p>\n

    The post Endpoint security for Mac: 3 best practices<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10468,2211,1001,26388,19941,10403,2130],"class_list":["post-19597","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-adware","tag-apple","tag-business","tag-dns-filtering","tag-endpoint-detection-and-response","tag-macos","tag-pups"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19597","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19597"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19597\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19597"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}