Re: [Fed-Talk] Question on Mac approval
Re: [Fed-Talk] Question on Mac approval
- Subject: Re: [Fed-Talk] Question on Mac approval
- From: "Robinson, Paul, DVI/DMA-Fort Meade" <email@hidden>
- Date: Thu, 29 Aug 2013 19:33:07 +0000
- Thread-topic: [Fed-Talk] Question on Mac approval
This point Ridley makes (see below) is illustrated by the 10.8 release. Apple's disk encryption capability changed in 10.8. In 10.7 the CAC could be used to provide the encryption key making it possible to boot up the computer with a CAC. 10.8 dropped this support, so encryption is via username/password. Once set it is not possible to enable CAC login.
The only solution is to procure a third-party disk encryption tool for DAR compliance. I expressed this to an Apple rep yesterday and he says their focus is small groups use of the workstations, despite the enterprise use of the Apple OS across the Apple enterprise. Sad really.
Paul Robinson, CISSP
Defense Media Activity
From: "Disiena, Ridley (GRC-VG00)[DB Consulting Group, Inc.]" <email@hidden<mailto:email@hidden>>
Date: Thursday, August 29, 2013 12:31 PM
To: "Moore, Dallas" <email@hidden<mailto:email@hidden>>
Cc: Apple Fed-Talk List <email@hidden<mailto:email@hidden>>
Subject: Re: [Fed-Talk] Question on Mac approval
Another reason in my opinion, is the rapid release cycle from Apple which is only compounded by the veil of secrecy and lack of confidence the federal space has in the future releases. Most if not all Federal agencies have no assurance in what security features will remain in Apple provided operating systems from one version to the next, year after year, what will be deprecated / left limping with lack of adequate support, or what will be removed entirely and cease to be a feature.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden