Build America Mutual, a leading U.S. municipal bond insurer, is an all Apple shop. And even though macOS and iOS are generally secure, threats to the platforms continue to rise. Credit: Getty Images Apple remains a highly secure choice for enterprise professionals, but security threats remain and the environment requires sophisticated endpoint management tools, according to Build America Mutual (BAM) CTO David McIntyre. The Mac only bank BAM, one of the leading U.S. municipal bond insurers, has insured more than $65 billion since its launch in 2012. It also has the rare distinction of being a fintech firm that is completely based on Macs. In fact, it has been an Apple-based enterprise since the start. “The founders all use Macs at home,” McIntyre explained. “We said, ‘Let’s try to build a financial firm that uses Macs.'” When the company launched, it also found that most of its potential employees used Macs, so it made even more sense to standardize around Apple’s platforms. “We thought it would be easier and would let a small team support the employees,” he said. McIntyre spoke at last week’s Jamf JNUC event to talk about the recently announced Jamf Protect endpoint security solution, as noted here and here. The challenge his company faced is that it deals with financial transactions valued at billions of dollars for huge clients – and is based in New York, which has legendarily tough cybersecurity regulations. This means BAM must use the best security protection it can get. The Apple security environment The company has learned as it grows – among other lessons, it has found that the security environment for even Apple’s platforms is increasingly complicated. “Five years ago, security was probably 10% of the jobs” of the company’s system admins, said McIntyre. “Now probably 50-60% of their time is spent on cybersecurity,” he added, “not just because of cybersecurity regulations, but also because we’ve become a lot more aware of the security environment. It’s a thing that keeps me up at night.” Despite the size of its business, BAM is a small firm with just two system admins to handle the technical needs of its 100 employees. Apple has a great reputation for security, and usually moves fast to address platform-based threats. But those aren’t the only exploits that exist. Regular security and OS updates and speedy response to most identified challenges mean the platform is innately robust. But while virus checkers and firewalls can provide permiter protection, most security researchers now agree that the threat environment demands more complete insights into device and machine security. The Mac malware challenge Mac malware does exist – and while Apple’s platform has lots of built-in protection, the biggest security vulnerability tends to be the humans using the computers and the applications they choose to install on them. “One common way malware is distributed is by embedding it in a harmless-looking app,” Apple states on a support page. When BAM started in business, it relied only on Apple’s security. “We’d always relied on software updates,” said McIntyre. “I hadn’t realized the need for endpoint protection.” He came to understand the need for tougher protection as his awareness of the big picture around Mac security grew, and as the number of attempts made against Apple’s platforms made against Apple’s platforms continues to increase. Chrome browser plug-ins: ‘A real Wild West’ BAM now uses Jamf’s new endpoint security solution, which has already protected it against threats. McIntryre told the JNUC audience about one of these: “A few months ago, we had an alarm go off on Jamf Protect and at the same time our network stopped working,” he said. “It turned out that one of our employees had downloaded the number one Chrome plug-in.” The offending plug-in turned out to be a popular parcel tracking app that had “50,000” reviews, he said. Half of those reviews were positive, while the others described similar problems as his company faced, he said, calling it “malware.” BAM was able to isolate the problem and create a new set of rules to manage Mac security. These rules extended to the development of a white list of approved Chrome plug-ins. “We actually realized that Chrome browser plug-ins were a real Wild West,” he said. Securing the human Of course, not every Mac user has access to powerful enterprise security solutions. But the lessons should be the same as they always have been in cybersecurity: Never install software, except from a trusted source. Beware of installing browser/app plug-ins. Even though the software you are using may have passed through Apple’s stringent App Store security vetting processes, any additional plug-ins/extensions supported by it may not be secure, as allegedly happened at BAM. Applications such as Little Snitch and tough endpoint security protection (including use of secured routers) may help. Use of VPNs can help prevent various ‘man in the middle’ attacks. For more security tips for Mac users read this guide. (The report needs updating but still carries plenty of helpful suggestions.) Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Related content news analysis Chasing business and partnerships, Apple goes APAC Apple CEO Tim Cook’s week-long visit to Indonesia, Vietnam, and Singapore highlights how the company continues to explore new opportunities in global markets. By Jonny Evans Apr 19, 2024 4 mins Manufacturing Industry Apple Vendors and Providers analysis Apple wants to improve the carbon offset market Apple's just-published annual environmental report detailing its progress towards carbon neutrality shows the company is working hard to be transparent about its efforts. By Jonny Evans Apr 18, 2024 6 mins Technology Industry Apple Green IT news analysis Apple sidles into sideloading in the EU EU users get ready for multiple app stores By Jonny Evans Apr 17, 2024 6 mins Apple App Store Apple iOS how-to 20 iPhone tips you might not have seen Most people now know that the way to get rid of the last number you typed in Calculator is to swipe a finger right or left in the number display to get rid of it. Here are 20 other useful tips you might not have come across. By Jonny Evans Apr 16, 2024 6 mins iPhone Apple iOS Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe