Requirements for Securing a Macintosh (OS X) Computer that Processes Sensitive Information
Policy | Standard | Procedure | Informative
Version: 2.
Last ITSSS Update/Review: 19OCT06
University Computing and Communications Services

Minimum requirements to ensure that your Macintosh is compliant with the University Sensitive Information Protection Policy.

1.      Install antivirus software.

Norton Antivirus software for the Macintosh can be obtained from the university’s download site (http://nav.gsu.edu).

2.      Use a firewall.

You must minimize the risk of a network service exploit by properly configuring the Mac OS X firewall (ipfw). Turn on all of the advanced firewall settings (Block UDP Traffic, Enable Firewall Logging, and Enable Stealth Mode) by clicking on the Advanced tab and checking the boxes.

[Figure: Firewall menu]

3.      Choose a secure password.

Passwords should:
- be at least eight characters long
- consist of mixed case (at least one each of upper and lower case)
- contain at least one non-alpha character (such as a number or symbol)
- be significantly different from prior passwords
- be changed at least every 90 days

Hint: A strong password might look something like: P@$$w0r$

4.      Critical software and operating system updates will be installed in a timely manner.

Mac OS X can download software updates directly from Apple automatically.

5.      Operate an Operating System Screen Saver Password on the computer.

Use the Mac OS X screen saver (Screen Effects). Turn on the screen saver from within System Preferences (it has its own panel) via the Activation tab — configure it to ask for your password before releasing the machine.

6.      Check the credentials of anyone asking for information about your computer.

7.      With the exception of non-university Instant Messaging (IM), peer-to-peer (P2P), and Internet Relay Chat (IRC) software, users can install software/applications that have been approved by the organization’s technology representative and/or information technology manager.

8.      Set a Firmware password by downloading and running the Open Firmware Password application in accordance with Apple’s instructions. 

Instructions for installing/configuring the firmware password protection for the Open Firmware Password application can be found at: http://docs.info.apple.com/article.html?artnum=106482

Version 1.0.2 of the Open Firmware Password application is only for Mac OS X 10.1 through 10.3.9 and can be downloaded from http://www.apple.com/support/downloads/openfirmwarepassword.html

For Mac OS X 10.4 or later, you must use the updated version of the Open Firmware Password application that can be copied from the software installation disc (located at /Applications/Utilities/ on the disc).

9.      In accordance with the principle of least privilege, users will only use minimal user profile privileges on computers that are based on users' job necessities (default is to deny access).

10.  File an Incident Report to report any suspicious activity on your machine by sending an email that contains the following information to help.gsu.edu.

a)       Type "Security Incident - High Priority" in the subject line of the email.

b)       Give the date the incident occurred.

c)       Describe the incident.

d)       Optional: If you know your IP address, or the IP address of your attacker, please include it.

e)       Provide contact information such as your name, phone number, and department.

Help: If you have questions, or need assistance, please contact Information Security (security@gsu.edu) or the Help Center (404-651-4507, help@gsu.edu).