Security

The Mac is a Wonderful (and Secure) Platform

I’ve already received one e-mail from a reader pointing me to a blog post refuting the claims of security issues with the Mac . I suppose I should take some consolation in the fact that I’m not getting slammed harder for my first Mac vs. PC post, but I also think the above post helps point out the bigger issue. The argument has become so heated, that sometimes even the good points tend to get lost in the extreme spirit of the debate.

First of all, let me begin by saying that I’m not a security expert. Please refer to my first post for a better understanding of the realities of what I do. At this level of IT, we have to be something of a jack-of-all-trades, and I probably know just enough about security to be dangerous, but the same can probably be said about a lot of specialized IT subject matters. We know enough to get by. In my case, that knowledge has been good enough to get me through 15 years in this job without suffering from any major system outages or downtime to virus outbreaks. I think we’ve done a pretty good job so far, but I’m also not naïve enough to think that any of my systems are invulnerable, and I would never make that claim.

I had misgivings about going “negative” in last week’s post about Mac vs. PC, and in hindsight perhaps the article about the Macbook Air hack deserves greater scrutiny. I’m going to try to avoid this trap in the future. I think there are plenty of positive reasons to choose both platforms. The Mac is undoubtedly a very secure platform, and it’s become even more so in recent versions of OS-X. The fact of the matter is I don’t lose a lot of sleep worrying about my Macs getting hacked. However, is there really anything wrong with pointing out flaws where they do exist, and perhaps letting Apple know that for those of out here in the trenches – security does matter?

Should the negatives come into play in this discussion? Certainly they should. Any time we make a big decision in IT we try to weigh the pros and cons of several options, so the negative factors are something we must consider. The problem with being negative in this discussion is that you’re immediately perceived by the other side to be a “basher”. I can assure you that is not the case with me.

My bigger point in terms of the Mac vs. PC debate is that the argument itself has become too bitter. Case in point being the article at the top of this post – the writer is obviously a big fan of the Mac platform, and I certainly have no issue with anyone having that opinion. However, when you start writing about the “prejudices of an idiot public” and “Microsoft’s criminal actions against its customers”, you run the risk of losing me. I’m simply not willing to go that far in supporting either platform, and personally I think it’s going too far. I also think it’s too bad, because the article itself makes some genuinely good arguments, but when the author goes over that edge into what I’d call extremism, sometimes those good arguments tend to get lost on me.

There are some things I would like to see both Microsoft and Apple do differently. For now, out of fear of inciting either group I’ll avoid those topics. I will save them for a rainy day, because I do think those topics are worthy of discussion.

I’ll say it again. I have plenty of good reasons for purchasing Macs. I have plenty of good reasons for purchasing PCs. Perhaps outlining those reasons would make good topics for my next couple of posts.

Streaming and the NCAA Tournament Coverage

What better day to discuss the issue of streaming audio/video than today? With the NCAA Tournament upon us, and CBS offering up every game at no cost, there will undoubtedly be more than a few of our users who decide to spend the afternoon keeping track of their bracket selections.

We’ve tried blocking this type of traffic in the past, but any such efforts on our part have not lasted long. The reality of our business is such that we need to ability to view or listen to streaming video/audio in order to do our jobs. We have Public Relations and Public Affairs people whose jobs require them to monitor local and national media for breaking stories. We have Creative and Account Service people who routinely use YouTube for viewing the latest commercials created for both our own clients and our competitors. As a result, any efforts to block this traffic have been short-lived.

We’ve tried monitoring tools, using both software and/or hardware to attempt to keep tabs on streaming in order to cut down on the non-productive uses (today’s basketball games would be a great example). The problem with monitoring is that it can get expensive. We’ve got 5 different external pipes we’d have to monitor, so any appliance-based solution would require 5 pieces of hardware to monitor all the access points. Furthermore, it requires somebody to watch things, and none of us really have the time to sit at our desks and monitor real-time streaming. When we have done this sort of thing, generally the only time we check is when we’re hearing complaints about things being slow. Today might be an exception, but at the moment we’ve basically given up.

I’ve always resisted the urge to have IT personnel act as “cops” when it comes to these types of productivity issues. We do have a policy against non-business use which covers this type of thing, but as far as actively monitoring, I’d much rather have my guys spending their time fixing things and finding ways to increase productivity than acting as a high-priced police force. If we can find some ways to monitor things without breaking the bank, great but otherwise we’ve got better things to do. Personally, I feel very strongly that it’s the job of management to keep tabs on their own personnel, and I think it’s a bit of a cop out for folks to expect IT to do that job for them. If an Account Executive is wasting their time watching basketball games or viewing non-work related videos on YouTube, I would expect that to be reflected in their job performance. IT might be called in to verify that type of activity is occurring, and I’m perfectly ok with that. I just don’t believe that we should be the ones bringing productivity issues to the attention of managers. It should work the other way around.

How does your company handle these types of issues? Do you monitor? Are you doing anything special with regards to blocking the NCAA tournament coverage?