NSA gives security guidance for Mac OS X

The National Security Agency has posted a 109-page document on its Web site telling agencies how to securely install and use Apple Computer Inc.'s Mac OS X Version 10.3.x operating system, code-named Panther.

NSA notes that the document is a security guide and 'not meant to replace well-structured policy or sound judgment.' It warns administrators to test only in a non-production environment as similar as possible to the architecture where the OS will be deployed.

In addition to the guidance for secure installation and partitioning of locally administered, networked Mac OS X systems, NSA provides details on system settings, user accounts, Mac OS X Keychain Access and file encryption.

The default settings for the Panther server version are not as locked down for security as the client version, NSA says. It calls for 'very strong user passwords' for Apple's FileVault encryption routines.

NSA plans to issue later guidance for using Mac OS X systems with authentication through the military's Common Access Card and other government smart cards.

The agency's site also offers a number of software downloads as-is, with no warranty implied, such as security-enhanced Linux, patches to the Linux kernel, utility patches and some new open-source programs under the Gnu General Public License.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected