The idea that Macs or any other computer are immune to Viruses, Malware, or other forms of malicious code is Interesting but completely wrong. There is no such thing as a secure computer that talks to the internet, exchanges data with a device, or operates by a human being. In recently reading an article in the Houston Chronicle, I felt I needed to address some of the author’s misconceptions again, and some of the readers like to make.

get

Misconceptions that I have heard over and over again from many sources: (See bottom of Page) On reader stated, “Security means you minimize the amount of code the “other” people can cause to execute.” Not true; this is not security; this is an exploit vector. The only way to ensure that only valid code will ever run on a computer is to turn it off or use something called Application White-Listing.

Simply put, security means protecting assets from risks; IT Security means protecting employee’s private data, company assets (intellectual property), and customer data from losses, whether accidental or malicious, based on risks. The same reader stated, “When a virus comes into your computer, it has the same permissions to run code as you do.”

Partially true, some viruses do this, many others do not, and the malware will execute code that takes advantage of bugs in code (Buffer Overflow) or design flaws in code that allows the attacker to elevate privileges and run their attack as “admin” or to execute at the System or Root level access of the operating system, in other words, full control.

The majority of people fail to understand that a large majority of attacks and the growing trend in attacks are all about bypassing security and elevating privileges to execute malicious code and take control of the asset. You do not need administrator-level rights to get hacked., and theattacker will use exploits that allow them to infiltrate the system and execute their code as admin. All you need do is open a web page or a malicious e-mail, and the attacker will take care of the rest.

The only way a computer can be mostly immune to Malware is if a combination of System Hardening policies hardens that system, Patching Cycles, Anti-Virus, Firewalls, and Application White-Listing. You may or may not notice that here I just described a layered defensive posture or Defense in Depth.

Full disk encryptions would also be an effective defense against data loss but are not relevant to preventing malware and are also not relevant to the issues addressed in the article. A system operating as I just described has many hurdles in place that must be broken or bypassed to exploit that system successfully.

System Hardening Policies are a combination of company policies and standards, or best practices for the individual, that reduces systems vulnerabilities by configuring, disabling, and tuning specific services as needed and disabling the unused or irrelevant services. A service that is disabled cannot be exploited. This tactic, while good, is not enough.

Patching Cycles are also important. Most people and vendors tend to only focus on patching the operating system. This is OK, but most active exploits today take advantage of vulnerabilities in applications like web browsers, Adobe products, and thousands of different applications. There are free personal use services like Secunia that will tell you about the patch status of all applications and your operating system. Secunia is one of the most trusted names in IT Security, and they have free products for the individual. While patching is important and will close many holes, patching alone is still not good enough by itself.

READ MORE :