Nobody protects Macs, not even Steve Jobs

Macs are banned from many government departments because there aren't any 'approved' applications to encrypt them. So why doesn't Apple CEO Steve Jobs do something about it?
Written by Liam Tung, Contributing Writer

Macs are banned from many government departments because there aren't any 'approved' applications to encrypt them. So why doesn't Apple CEO Steve Jobs do something about it?

In the US last week, The National Health Institutes banned MacBooks from being used by staff because they lack an approved encryption tool to protect client information, according to a report in InformationWeek.

And why doesn't Mac OS X have a full disk encryption tool yet? Well, technically it does. Leopard offers Disk Utility with 256-bit AES level encryption. The problem is that Disk Utility has not been sanctioned by the US government.

Meanwhile, one tool that has been approved for use in the US is Check Point's Pointsec, but it's only available for PCs and Linux — not Macs. There are rumours of an alpha version of Pointsec for Macs but don't hold your breath, according to Check Point engineers.

"I can't say whether it will be one year or two years but we are absolutely committed to providing support, for Windows, Linux and Mac platforms," Steve MacDonald, engineering manager for Checkpoint Australia, told ZDNet.com.au.

But what will happen in 2010? Two years ago AVG said it was building antivirus for Mac OS X. I asked their CTO about it recently, but the plans had not progressed — instead there was an excuse about getting the product right and waiting for the market to be ready.

It's not a bad viral marketing strategy — start a rumour about a product and let the chattering masses execute the hype campaign. Even the bad guys do it, releasing a beta threat and letting security vendors do their marketing.

The only company that doesn't appear to be promoting Apple is Apple. Surely its shareholders must be wondering why more Macs aren't being sold in the lucrative government sector.

In Australia, any government organisation that needs to encrypt information on laptops will not be using Macs. Government agencies rely on several encryption products that have been evaluated by the Defence Signals Directorate — none support Apple Mac OS X.

So where does this leave Macs? Well, as they still only make up a small percentage of the overall computing landscape, they can probably still rely on the security-by-obscurity model. Unless, Jobs were to invest, volunteer, or donate a few of his choice developers to work with Check Point and fast track a version of Pointsec for OS X.

Or maybe, Macs are simply unsuited to the enterprise. I asked John Wadeson, CIO of Australia's welfare agency Centrelink, whether any of his 27,000 staff use Macs. He said: "We use Windows laptops because of their compatibility with our systems, platforms and wider network". He said it was "standard practice" to not carry any information on laptops. The Australian Tax Office responded by saying that Macs are only used in its design department — the rest are Windows systems.

Check Point's McDonald hopes there will one day be enough demand for Pointsec for the Mac but that could take years.

I'm certain Apple's Jobs could speed that process up by prodding Check Point into creating an encryption tool, and then lobbying the government to evaluate it.

Then again, recent evidence suggests a Mac's defences are not difficult to get past, so perhaps the only thing maintaining the appearance that Apple computers are more secure is the fact that hackers really can't be bothered attacking a platform with such a small user base.

Editorial standards