Nobody protects Macs, not even Steve Jobs

Nobody protects Macs, not even Steve Jobs

Summary: Macs are banned from many government departments because there aren't any 'approved' applications to encrypt them. So why doesn't Apple CEO Steve Jobs do something about it?


Macs are banned from many government departments because there aren't any 'approved' applications to encrypt them. So why doesn't Apple CEO Steve Jobs do something about it?

In the US last week, The National Health Institutes banned MacBooks from being used by staff because they lack an approved encryption tool to protect client information, according to a report in InformationWeek.

And why doesn't Mac OS X have a full disk encryption tool yet? Well, technically it does. Leopard offers Disk Utility with 256-bit AES level encryption. The problem is that Disk Utility has not been sanctioned by the US government.

Meanwhile, one tool that has been approved for use in the US is Check Point's Pointsec, but it's only available for PCs and Linux — not Macs. There are rumours of an alpha version of Pointsec for Macs but don't hold your breath, according to Check Point engineers.

"I can't say whether it will be one year or two years but we are absolutely committed to providing support, for Windows, Linux and Mac platforms," Steve MacDonald, engineering manager for Checkpoint Australia, told

But what will happen in 2010? Two years ago AVG said it was building antivirus for Mac OS X. I asked their CTO about it recently, but the plans had not progressed — instead there was an excuse about getting the product right and waiting for the market to be ready.

It's not a bad viral marketing strategy — start a rumour about a product and let the chattering masses execute the hype campaign. Even the bad guys do it, releasing a beta threat and letting security vendors do their marketing.

The only company that doesn't appear to be promoting Apple is Apple. Surely its shareholders must be wondering why more Macs aren't being sold in the lucrative government sector.

In Australia, any government organisation that needs to encrypt information on laptops will not be using Macs. Government agencies rely on several encryption products that have been evaluated by the Defence Signals Directorate — none support Apple Mac OS X.

So where does this leave Macs? Well, as they still only make up a small percentage of the overall computing landscape, they can probably still rely on the security-by-obscurity model. Unless, Jobs were to invest, volunteer, or donate a few of his choice developers to work with Check Point and fast track a version of Pointsec for OS X.

Or maybe, Macs are simply unsuited to the enterprise. I asked John Wadeson, CIO of Australia's welfare agency Centrelink, whether any of his 27,000 staff use Macs. He said: "We use Windows laptops because of their compatibility with our systems, platforms and wider network". He said it was "standard practice" to not carry any information on laptops. The Australian Tax Office responded by saying that Macs are only used in its design department — the rest are Windows systems.

Check Point's McDonald hopes there will one day be enough demand for Pointsec for the Mac but that could take years.

I'm certain Apple's Jobs could speed that process up by prodding Check Point into creating an encryption tool, and then lobbying the government to evaluate it.

Then again, recent evidence suggests a Mac's defences are not difficult to get past, so perhaps the only thing maintaining the appearance that Apple computers are more secure is the fact that hackers really can't be bothered attacking a platform with such a small user base.

Topics: Government, Apple, Government AU, Hardware, Health, Security

Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full time freelance technology journalist who writes for several publications.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • What about PGP for OS X ?

    It's not full disk but surely it wouldbe recognised by the powers that be ?
  • Mac OS X Security

    Technically, Apple's Disk Utility does NOT provide full disk encryption. It can, however, create encrypted disk images. It is not FIPS 140-2 validated, an important cryptographic validation that many companies and most governments demand.
    PGP Desktop for Mac OS X is FIPS 140-2 validated.
  • Coolness Factor Maybe?

    I wonder if Apple doesn't want to be associated with what is seen (not meaning to stereotype) the "Government" and the grey slightly pov. cubicles that we see in every second movie. They market themselves as trendy and cool.

    Teenagers would stop buying ipods and move onto the next "radicle" and "edgy" company/
  • Nothing has changed...

    Ever since the Apple II e, Apple has chosen to go it alone. It never accepted the competition, and therefore still doesn't see the flaws in it's own products.

    After 20 years surely IT is not just about looking good! Apple is still a toys play field.

    It's about time Apple grew up!
  • HDD hardware encryption?

    Wasn't there a top-brand hard drive released just recently that used hardware-based encryption? Couldn't this be made compatible with Macs extremely easily? In which case almost any Mac can be retrofitted with one.
  • LOL

    I bet your just afraid you wouldnt know what to do with it. I use Gentoo Linux but i would take a mac over windows any day.
  • What a load of ....

    First of all.... what do you mean by lucrative govt contracts??? --- Does the term "lowest priced bidder" ring a bell. ????

    The govt buys cheap. Period. That is not where Apple wants to be.

    Second, I am sure there are numbers of ways that you can secure a Mac laptop, I use several. But the biggest weak link is the user.

    Third, -- toy?? Well I do run windows on my Mac to let my kid play games, but for real work, I run OS 10.5. Close your eyes to the future of computing if you will. So did the buggy whip makers. :-)

    An IT dept works to maintain my work pc, and I support my travel Mac. Guess which one is better maintained (hint, its the Mac.) And I spend very little time doing it cause its not required.

    Enjoy your PC. Most Mac users have NO problem with pc's being used in this world, we just do not want the aggravation of having to put up with them. LOL
  • how silly

    mac os x has had whole disc encryption for years, called filevault.