Thursday, May 13, 2010

Do Macs need Anti Virus

There was recently a frenzy of discussion internally here at CMIT regarding whether or not MACs should be running AV.  The conclusion?  Risk versus cost (not surprising).  The risk of getting a virus on a MAC is REAL.  Don’t let anyone ever tell you they don’t catch them; they do!  We have had to manually removed viruses from MACs and IT IS NOT FUN (translation if your paying us hourly this will be expensive).  On the other side AV software does use resources, so you will loose some performance or need to add more memory or processor speed to compensate and their is the nominal cost of the software itself. 
Below four of our top Technical Specialist wiegh in on this topics.  Read on if you want to know more so you can make your decision.

Specialist One says “best practices for Macs connected to business networks -- my stance is that we should go ahead and require AV software on them. If we're requiring any Windows machines to have AV, I don't see any reason Macs shouldn't have them.
I'm asking only because in the past I've experienced a lot of push-back from Mac users, complaining that there aren't any viruses out there for Macs, they're safe, it's a Windows-only problem, etc.
Seems stupid to me; just because something doesn't exist today doesn't mean it won't tomorrow, especially with them gaining the market share they have been lately. In fact, Apple's one of the slowest to respond to and patch security issues as they crop up, so I really believe it's only a matter of time...”
Specialist Two says “ Macs come under the scope of endpoint protection as much as any other desktop. Personally, I don’t run AV on my mac, but Its not really my “daily driver” as I do all my work in a VM (Windows 7 running AVG 9.0).
From a system management perspective, if you have a mac workgroup and they regularly exchange data via email/shared folders, especially if it’s a mixed PC/Mac environment, there should be some kind of AV deployed to the macs. Reason being, an unprotected Mac can be an attack vector if its got an infected file on its hard drive and its available to PCs.
That being said, our one large Mac deployment runs Sophos AV. It’s a mixed-platform AV solution that also allows central management. By and large the AV offerings from the major vendors are horrendous and run especially terrible on newer Macs. My recommendation is if you are going to deploy AV on a mac workgroup, forego active scanning completely and settle for a daily minimal scan on hot folders (downloads, documents, user home folders) and do a weekly full sweep of the hard disks. “
Specialist Three says “ AV software on Macs are not nearly as advanced or effective as their Window’s counterparts. They are also serious performance hogs. A reliable Time Machine backup (which we do for all our Macs) and common sense is more practical and effective for now. In the past 3 years, we’ve only had to remove one virus and that was a Microsoft Word macro attack.
AV will eventually have a place on Macs. Just not yet. Backup, basic security and good practice is more effective at this point.
Time Machine is built into OS X. Connect an external hard drive, configure it through System Preferences and its on its way. It provides hourly backups for the last 24 hours, daily for the last week and weekly beyond that. Plus a slick easy to use interface to do restores. No cost other than the hard drive itself. No off site component but we’re talking about a desktop backup. All critical information should be stored on a server/NAS drive and backup up offsite via Guardian Secure/Secure Plus.”
Specialist Four says ”Why would you not want to protect yourself?  It makes absolutely no since to me whatsoever.  So this is true, most viruses are written to exploit Internet Explorer.  This is not to say that viruses are not written to exploit Safari.  Data is your most important asset, especially your personal data.  I think he really needs to re-think his stance on this, especially if he is telling this to his clients.  I have removed viruses from my wife's work machine, my father MAC (he hardly even uses the Internet and picked something up through email), my brother's MAC, and we even had that client that through her keystrokes were being logged.  Every single one of these did not have AV, and they also had the stance that MACs don't get viruses.  I think I can go on and on about this, but you get my point.”

No comments: