Saturday, January 29, 2011

Do you install antivirus software on Macs in organizational (corporate, education, etc) environments?

How many of you that oversee macs install antiviruses on them?

  • No, we do not use anti-virus software on our macs.

    We are a mixed environment: PC/Win + Mac + Linux.

    We only install anti-virus s/w on PC/Win machines.

    Our macs are running: 9 os x 10.5 ; 1 os x 10.6

    We are in a commercial/small business environment with about 10 macs to manage. The owner of the company (my direct manager) does not believe in mac virus software, and has been using exclusively macs for about 20 years.

    This is not intended as an argument for or against mac anti-virus software. This response is simply to answer the question who is and who is not running anti-virus software on mac machines.

    arrocharGeek : Could the person who voted me down please add a comment to let me know what I have done wrong here? I would like to correct it to protect my reputation. Is it the practice of not putting anti-virus on macs, or that my answer was somehow inappropriate for serverfault? I believe I answered the question thoroughly and concisely, how does that deserve a downvote?
    Dave M : Good comment. You simply stated an opinion and how you manage. Sounds like an answer for consideration.
    Bart Silverstrim : I'm guessing some people are very zealous in the idea that Macs aren't immune to viruses, but I'm guessing. I really wish that there was a way to encourage feedback on downvotes (such as losing more of your own rep if you just downvote but mitigate it by leaving a note why), but that's for meta I guess. I didn't downvote you so I don't know.
    John Gardeniers : As your original (unedited) asnwer was a direct answer to the question that was posed there can be no valid reason for a down vote. It is however an unfortunate fact that there are quite a few people on this site that down vote because they don't like the answer, even though they clearly haven't properly read the question.
    arrocharGeek : As you have seen, I've added more content, which hopefully gives readers better understanding of my answer. And much love to the folks who have seen that I was doing my best to create good content for this great site.
    arrocharGeek : @Bart: I agree with you - and thanks.
  • We do, though it is higher educational institution not a corporate setting. The thought is that even though there is a low risk of a Mac OS X virus outbreak, students still plug their potentially infected flash drives and external hard drives into the machines. Better it is cleaned on a Mac where it can't get infected by a Windows virus than on a PC where it might infect the machine before the AV has a chance to clean it.

    Dave M : +1 We do as well for stated reasons. In addition, Macs are becoming more of a target as many users don't belive there is a threat. More targets=more chance malware folks will target. We use Syamantec Corporate and SEPP
    mrdenny : Well said. All machines should have an AV installed no matter how low the risk.
    From MarkM
  • There's ClamAV on the Macs we have deployed (school environment, mixed PC/Mac) but no real-time scanning.

    Windows systems are using Deep Freeze to protect the filesystem (infected? Reboot) and if it's not frozen then yes there is a real-time antivirus on it.

    Bart Silverstrim : I'll also add that this might be better as a wiki question, since it's rather subjective depending on perspective and seems to be more of a poll. We've had cases of viruses/malware that weren't caught by AV because updated sigs weren't available yet, and other times even IF updated the AV doesn't catch them. In large environments, having to oversee anti-malware efforts could easily be a dedicated job, scanning periodically with adaware/spybot/antivirus of choice...we layer the protection to mitigate risk, but there's no definitive answer to it for sysadmins.
    arrocharGeek : +1 for Bart's comment above...and FYI, I believe the question has been community wiki from the start (I think my answer was first).
  • We have a Mac or two in the office, on them we run the OSX version of Sophos A/V. We don't do real-time scanning on them, however we have them setup to run a nightly scan.

    From Thoreau
  • No. I work in an educational environment (1500 Macs in 12 schools), and have not had any problems with virii on the Mac (at least none that I am aware of). Mind you, if there were a small outbreak, we would probably just re-image the machines (and, if they were student machines, be done with it), or, for staff, hope that they've actually got their time machine backup up to date, and re-image and recover data.

  • I work on a Multi national corporate and we use an Antivirus on our differents unix/linux servers/workstations machines.

    Our antivirus editor is: Sophos Antivirus.

    I'm pretty happy about this solution because there are almost no faulse positive and the security is quite good.

    There are Virus on Mac/Linux/Unix and any other OS, BUT which made the difference is the way you configure and secured your Administration AND user Environnement.

    From Dr I
  • Nope - We have a 3 or 4 Macs for the Creative staff (the other 100+ machines are windows, with the exception of a few linux VMs).

    Backups and the network shares that the Macs use get scanned though.

    The university that I went to has a site license to McAfee which they offer free to students. There were both Mac and PC versions.

    From Seth
  • The marketing department where I work has 5 or 6 Macs and over 200 Windows desktops. A few of them have ClamXav on the Mac, so specific files can be scanned, but no realtime scanning. The Windows workstations are all locked down, AV installed, etc. The Macs are not locked down at all, and we've not had a problem with malware.

    From emgee
  • We have a few Macs in the art department but run predominantly Windows. At this time only the Windows machines have antivirus software on them.

    As an aside, I use a Mac as my main personal machine and only a few days ago installed some AV software for the sole purpose of checking downloaded files, many of which are intended to be installed on Windows machines. I ran a scan of the whole machine and found exactly what I was expecting - nothing.

    Personally, I'm having a hard time finding real evidence of a virus for a Mac. That's not to say I don't necessarily believe they exist yet. There are a lot of claims being made, mostly by companies trying to sell AV software, with remarkably little evidence in support of those claims. It reminds me more than a little of the so called Y2K bug, where billions of dollars were spent to "fix" a problem that was non-existent in nearly all but a very tiny number of cases, all of which should have been upgraded at least a decade earlier anyway.

    duffbeer703 : I totally agree. The security doomsayers have been talking about the upcoming virus tsunami coming for Unix, Linux and Mac since at least 1999. Linux has significant marketshare outside of the US, and Mac has a substantial marketshare within the US. Where's the beef?
    John Gardeniers : Don't get me wrong, I firmly believe it's only a matter of time. It's just that I'm not convinced that time has arrived just yet.
  • We tried using AV on Macs, but the product that we used is a real steaming pile that has a very negative performance impact. After removing said product, we didn't pursue the issue further, because:

    • We were unable to obtain any information that allowed us to quantify any risk of OS X infection at the time we did the analysis. (This may have changed since then)
    • We adopt a layered security approach. Our email has multiple layers of anti-malware defense (hosted and on-premise) and our VPN subnets & internet gateways are protected by a fairly sophisticated set of anti-malware technologies.
    • The population (approximately 300 machines) is small relative to the rest of the network.

    The only real value to the AV solution that we could put our fingers on was to protect Windows machines against infected files transferred via USB key, etc. The risk was already mitigated by other factors, and our discussions turned into religious debate where neither side had any real facts to present. So we accepted the risk and haven't had an issue in 2 years.

  • We have antivirus installed on our Macs but it has caused issues on some of them. We're waiting for an updated product, apparantly to be released in April, to allow us to reinstall on the machines currently without.

    From Mitch
  • Master foo say to Nervous Novice, "There is no need to add pillars to support your roof if your house is well built"

    John Gardeniers : Unless of course the house is made of wood and the area has a termite problem. :)
    From Zak


Post a Comment