"MacOS X Security Configuration for Version 10.5 Leopard"

[Dan Updegrove <updegrove () GMAIL COM>]

Colleagues,

Apple has just released a timely and important publication, given the
recent resurgence of Macintosh computers in higher education --
especially wireless notebooks -- together with long-standing issues
about the role of MacOS in the enterprise. "MacOS X Security
Configuration for Version 10.5 Leopard," is a 240-page guide created
with the assistance of the National Security Agency, the National
Institute of Standards and Technology, and the Defense Information
Systems Agency.

http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080530.pdf

The document is well-organized and clearly written, although in its
entirety it will be heavy going for the "average" non-technical user.
As Apple states

"This guide provides an overview of features in Mac OS X that you can
use to enhance security, known as hardening your computer.
This guide provides instructions and recommendations for securing Mac
OS X version 10.5 or later, and for maintaining a secure computer.

"Target Audience
This guide is for users of Mac OS X v10.5 or later. If you're using
this guide, you should be an experienced Mac OS X user, be familiar
with the Mac OS X user interface, and have some experience using the
Terminal application's command-line interface. You should also be
familiar with basic networking concepts.

Some instructions in this guide are complex, and deviation could
cause serious adverse effects on the computer and its security. These
instructions should only be used by experienced Mac OS X users, and
should be followed by thorough testing."

I anticipate every Information Security Office will want to download
a copy and determine how best to utilize this information to inform
Mac users and to enhance security in campus environments.

Regards,

Dan Updegrove