Set a screensaver lock to come on the system after a designated amount of time. This tool installs in < 5 minutes and will have users logging in with their AD credentials.Ģ. A free and easy tool for AD authentication on Macs is Powerbroker Identity Services - Open Edition. This in itself is a prime solution to the security loophole, as the loophole only affects local accounts. Instead, require that user authentication is done using Microsoft Active Directory, where users login using a centrally-managed account. Don't have users login with their local accounts. So keeping users on Snow Leopard or earlier versions of OS X isn't an option. So what can IT administrators do to mitigate this loophole? Certainly Mac users want to and will use the latest version of Mac OS X that's available. When a user leaves his desk, anyone that knows this process could jump on the machine and change the password to anything they wish. This obviously opens up the system to insider threats-and presents a glaring compliance concern for organizations responsible to adhere to SOX and PCI regulations. It's no secret that Apple has been on a tear in the consumer markets, and the enterprise market is not far behind.īut what about the security concerns presented by Macs in the enterprise? A password security hole was discovered in Mac OS X 10.7 Lion where a user's password can be changed without knowing the current password, and without restarting the system. Studies have shown as much as 94.7% growth in the "very large business" category. ![]() More and more Macs are cropping up in enterprise IT environments.
0 Comments
Leave a Reply. |