Over the last few years, macOS has gained an increasingly important role in enterprises. Bring-your-own-device (BYOD) and corporate-owned personally-enabled (COPE) policies have made it possible for employees to choose macOS as their preferred operating system. Macs quickly gained prominence in fields such as design and entertainment and gradually grew in popularity as a tool for developers as well.
With its solid Unix-based architecture and native encryption options, macOS running devices have long been considered more secure than their Windows running counterparts. And while this makes cyberattacks more difficult, it does not make them impossible. The very fact of their perceived invulnerability makes companies less likely to invest in their security, especially if they represent only a smaller percentage of an organization’s devices.
Many IT departments are wary of deploying additional software on macOS devices for fear of slowing them down or, in a worst-case scenario, causing kernel panics. However, this opens the gate not only to opportunistic malicious outsiders but also to data loss and theft by insiders. macOS’s strong security features do not affect the damage insiders, in particular, can wreak, because they are the devices’ authorized users. Human error is the third most common cause for data breaches according to the Ponemon Institute and IBM Security’s 2019 Cost of a Data Breach Report, accounting for 24% of all data breaches.
Data Loss Prevention, Endpoint Protector and macOS
Solutions such as Data Loss Prevention (DLP) tools help companies protect their data from internally-caused breaches by monitoring and controlling their most sensitive data and helping support their compliance efforts with data protection legislation. When it comes to macOS, few DLP products on the market have shown their commitment to macOS as Endpoint Protector has.
A truly cross-platform solution from the very beginning, Endpoint Protector’s development team has strived to build a powerful, easy-to-use tool that will help companies protect their data regardless of the operating systems their devices run on. Sixteen years later, our product has become one of the most trusted and widely used macOS solutions on the market.
The reasons for it are fairly simple: Endpoint Protector offers feature parity for macOS and Windows. This means that macOS-running computers get the same level of protection as those running on Windows.
For many other solutions, macOS is an afterthought added to much sturdier products built with a focus on Windows, but at Endpoint Protector, it’s a parallel process. We always work on new features for macOS and Windows at the same time, ensuring that, whenever there is an update, devices running both operating systems will benefit from it. Now, let’s have a look at some of Endpoint Protector’s best features for macOS:
Device Control Options
One of the easiest ways data loss can occur is through devices connected to a computer. Users can easily copy sensitive information onto USBs, smartphones, external drives, memory cards, or other removable devices. This means data can be stolen or transferred to devices whose security the company has not verified. Especially in the case of widely-used devices such as USBs, due to their size, they are often misplaced or forgotten, leading to potential data loss.
In recent years, USBs have become a popular infection tool used by malicious outsiders to attack company networks. By connecting a USB riddled with malware to an endpoint, they can bypass security features primarily aimed at protecting a computer from attacks launched via the internet and infect a computer and from there, the entire company network.
Endpoint Protector offers device control options that allow companies to limit, block, and monitor the use of USB ports and connected storage devices. These policies are extremely granular meaning they can be applied to particular computers, users, groups, or entire departments. They also include whitelists and blacklists for increased flexibility and the possibility of defining trusted devices. Read more about features like USB block for Mac.
USB Enforced Encryption
For companies who want to continue using USBs, Endpoint Protector offers the possibility to enforce encryption on USBs connected to a company computer. This means that an encryption solution can be deployed automatically to any trusted USB storage device connected to an endpoint. Once installed, any files copied onto the USBs will be encrypted with government-approved 256bit AES CBC-mode encryption.
The USBs can then only be accessed through passwords. This means that, should a USB be stolen or lost, the data on it would be inaccessible. The number of times someone can insert a password and an expiration date for it can be set. In case a password is compromised, admins can reset it remotely.
File Tracing and File Shadowing
Very useful for the assessment of the impact of data loss on a network as well as auditing, File Tracing allows companies to monitor data traffic between protected computers and removable devices. It logs transfers and actions taken on files such as renaming, deletion, access, modification, and more. Administrators can also exclude a file extension from tracing if needed.
The File Shadowing feature is an extension of File Tracing that saves a copy of all files that were flagged as violating security policies on the server for additional review. Both features can be applied to device control policies and those that monitor and control data transfers via the internet.
Protecting Source Code
For the tech sector, protecting source code is an essential security consideration. Not only because having it made public may give competitors a leading edge in the development of new products, but also because source code can be used by malicious outsiders to exploit vulnerabilities within their products.
Custom DLP policies can define source code as sensitive data and apply protection policies to it. However, many DLP tools struggle to accurately identify programming languages due to the complex libraries needed for it.
Endpoint Protector has revolutionized source code detection by implementing N-gram-based text categorization to identify programming languages with an accuracy rate as high as 98%. Once the source code can be accurately identified, DLP policies can be efficiently applied to monitor and protect it.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.
