How do you enforce least privilege on Mac endpoint without compromising productivity or security? We would like to reduce risk of attack through privileged accounts.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
How do you enforce least privilege on Mac endpoint
- Thread starter Stella Martin
- Start date
- Sort by reaction score
The only thing you can really do is not issue admin accounts to employees, but that can hinder productivity. It might also be helpful to use an enterprise anti-virus software; as much as it pains me to recommend AV for a Mac, my coworkers sure can load them up with crap. An AV solution can prevent that.
FWIW, we do issue admin accounts to employees on their assigned Macs and rely on both AV installed locally and network based AV to keep us protected. Everything else is either local server based or cloud based; ie., easy to enforce least privilege regardless of client device.
FWIW, we do issue admin accounts to employees on their assigned Macs and rely on both AV installed locally and network based AV to keep us protected. Everything else is either local server based or cloud based; ie., easy to enforce least privilege regardless of client device.