Whole Disk Encryption, OS X Lion and Security

Whole Disk Encryption & OS X Lion

First, this is an exciting feature of OS X Lion for business users. I have opined about this feature before in a previous post. However, let’s state the facts: whole disk encryption assures business users that their data is more secure than in previous releases of the operating system.

Second, let’s get an understanding of what whole disk encryption means for everyone. Security always sounds great, although it has lots of uncertainty. We’ll use the definition from Wikipedia:

Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage. The term “full disk encryption” (or whole disk encryption) is often used to signify that everything on a disk is encrypted, including the programs that can encrypt bootable operating system partitions.

Setting up whole disk encryption (FileVault 2) in OS X Lion

Originally, we had planned to write a “how-to.” However, Apple has done a better job in articulating the setup steps in this knowledge base article. Further, in the Ars Technica review of OS X Lion, there is another great example of how to enable this feature.

Instead, we are going to focus on how you will use whole disk encryption in your daily tasks.

Before we articulate the usage, there is a key item missing from Apple’s and Ars’ articles: time to set up. Yes, it takes time (a lot of it) to enable this feature within OS X Lion.

Let’s articulate the time in detail:

  • Initial setup (not migrating from FileVault v1): about 10-15 minutes
  • Encryption time: on a brand-new install of OS X Lion, with no additional applications installed, it took just over two hours to enable whole disk encryption on a three-year-old iMac. This time could decrease or increase based upon your system.

Using FileVault 2: Performance impacts

Once you have FileVault 2 enabled, you will not notice any performance changes. Whether it is real or a matter of perception, your files feel like they open just as fast. Your apps launch without any additional delay. Your backups via Time Machine work the same, etc.

Upon system boot, you will be prompted to log in: you must authenticate with your username and password, even if you previously did not enable this authentication.

Using FileVault 2: Security Benefits

By enabling whole disk encryption, you are adding a new level of security to your Mac. All of your data is now secured using XTS-AES 128 encryption. To translate from technical gobbledygook - this is pretty darn secure.

Utilizing whole disk encryption via FileVault 2 will ensure that if your computer is lost or stolen, your data will not be retrievable. For those with sensitive client data (or business data), utilizing this feature is fundamental to your business security.

Summary

We didn’t spend any time talking about migrating from FileVault v1 to v2 because that is handled in Apple’s Support article mentioned above. Nevertheless, the significant security and performance improvements provided with this whole disk encryption feature are essentially a complete win-win for business users.

If there are any gotchas – there are two:

  1. DO NOT LOSE YOUR SECURITY KEY.
  2. DO NOT FORGET YOUR PASSWORD.

Sorry for the yelling, although we wanted to make sure that you received the message loud and clear. :)

Of course, if you want to learn more about FileVault 2/whole disk encryption and security, please don’t hesitate to reach out to us here at Blacktip.

This content was originally written as a guest post on themaclawyer.com.

OS X Lion arrives today

OS X Lion – Available for download or purchase

Sometime today (probably after 9am ET), OS X Lion will be launched and available for downloading. This is a very exciting release, although as we have mentioned in our previous post about upgrading, we strongly recommend that business users wait at least 30 days before making this transition.

Upgrading OS X Lion today

If you decide to upgrade to OS X Lion today (and ignore our advice :-)), we recommend that you do so on a non-mission-critical machine or on a separate partition of a hard drive. This way, you can begin confirming application support. Here are some very important items to consider when upgrading:

System requirements for OS X Lion

  • OS X Lion requires a fully 64-bit compatible Intel processor. For example: the Core 2 Duo, i3, i5, i7 and Xeon. Some of the earliest Intel processors are not supported (Core Solo and Core Duo).
  • At least 2GB of RAM (although 4GB is preferred).
  • 4GB of available hard disk space for the download and we estimate at least another 10 for the installation.

What to do prior to upgrading to OS X Lion

When we last wrote about ensuring your software was compatible with OS X Lion, the latest information we had indicated key software vendors would not have their applications ready. Let’s discuss those:

  • First and foremost, your current OS X should be 10.6.8 and have all available Apple Software Updates. You cannot upgrade to OS X Lion without running 10.6.8. So, if you are running Leopard, read more about what to do.
  • Rosetta is no longer available with OS X Lion – this means that PowerPC versions of your Apps will not work on OS X Lion.
  • Back up! Make sure to have a current Time Machine, Carbon Copy Cloner (or SuperDuper) or whatever software you use for a local backup.

Software updates for OS X Lion

Adobe

  • Adobe CS2 (and most likely CS3) is not compatible.
  • Adobe CS Suite 5.5 should be compatible with OS X Lion (here is the official post).

FileMaker

  • Bento 4.0.4 is compatible.
  • FileMaker Pro should be compatible (no official post).

Intuit

  • QuickBooks 2011 is compatible with OS X Lion (make sure to have R10 installed). All previous versions are not.
  • Quicken 2007 is not compatible.
  • Quicken Essentials should be compatible.

Marketcircle

  • Has a beta update available for Daylite. More information here.
  • Only the Daylite client is compatible (with the beta). DO NOT UPGRADE your Daylite Server. There is an outstanding issue with OS X Lion, and upgrading will break your Daylite Server.
  • Billings Pro 1.5.2 client is compatible with OS X Lion. Billings Pro Server is not compatible (similar to Daylite Server). There will be a beta of Billings Pro that should provide some compatibility in the future.
  • Billings 3.7.1 is compatible.

Microsoft

  • Microsoft Office 2011 14.1.2 is compatible with OS X Lion, although another update may be published soon.
  • If you already have Office 2008 installed, it should be compatible (make sure it is current with 12.3).
  • If you try to install Office 2008 after installing OS X Lion, you will not be able to do so, as the Office installer requires Rosetta to install. Thus, make sure to install Microsoft Office 2008 on your Mac prior to upgrading to OS X Lion.
  • Microsoft Office 2004 is not compatible (it is a PowerPC app).

Omni Group

There is a broader compatibility list for software apps and OS X Lion available as well. For hardware compatibility updates with OS X Lion, you’ll have to check with your manufacturer’s Web site.

Should you upgrade to OS X Lion today?

Honestly, no. This is your business and you need to take software upgrades (especially OS) seriously. We recommend holding off. More importantly, we highly recommend holding off on OS X Lion Server until there is additional information available for your server applications.

Of course, if you want to talk more about upgrading OS X Lion, please don’t hesitate to call or contact us. We are here to help guide you through the transition.

iCloud, OS X Lion Server and Business

iCloud: Does it make sense for business?

Depending upon the size of your business, iCloud could provide value. How so? First, let’s examine some facts about what iCloud is going to offer come the fall of 2011 (quoting from Apple):

  • iCloud is so much more than a hard drive in the sky. It’s the effortless way to access just about everything on all your devices. iCloud stores your content so it’s always accessible from your iPad, iPhone, iPod touch, Mac, or PC.
  • iCloud keeps your email, contacts, and calendars up to date across all your devices.
  • iCloud has no syncing required. No management required. In fact, no anything required. iCloud does it all for you.

All of these features seem pretty compelling, especially since they are free. Then why does the value of iCloud depend upon the size of the organization? Frankly, it’s about who owns the data.

Small business and iCloud

Most small businesses (in the 3-5 range) or SoHos (small office/home office) don’t really have a need for an OS X Lion Server. Thus, using something like iCloud to store/share content across devices makes sense, especially given the cost: free.

Let’s look at a couple of use cases for iCloud and small business:

Example #1: A sole proprietor/freelance graphic designer

  • They can share their portfolio via iCloud (any iWork document is easily shared), which is indispensable, as they can now be at any client site to share their latest designs from any device.

Example #2: A small construction firm

  • They can easily access their photos via Photo Stream, which means they can share visual examples with their clients easily and efficiently. And, they can store quite a few photos (1000 of the most recent) within iCloud.

Example #3: Any small business

  • They can quickly update any client information and know that it will be available on their Mac the moment they arrive home, which is pretty incredible.

iCloud vs. OS X Lion Server: Medium business + Enterprise

OK, so we have iCloud use cases for small business. What about medium business? Enterprise? Honestly, in both of these segments, we believe that iCloud will only be used by individuals within the organization (and those organizations who allow it) to access their personal information on their work computers.

OS X Lion Server

Otherwise, we see organizations deploying OS X Lion Server, to better control sharing of information via managed profiles (iOS Devices and Macs) as well as via shared storage (WebDAV).

Security and iCloud

The one nagging question is security. Cloud services in general are causing folks to consider (or reconsider) sharing their content due to security implications. Dropbox, over the past few months, has provided reasons for businesses not to use its service, given the security issues surrounding its storage service.

Regardless, businesses do not want to have to pay for the iron (servers) to host their own content anymore. So, Apple will have to provide clear security documentation in order for businesses to trust iCloud.

Summary

We do think that Apple’s iCloud service will provide value to small business owners, given the above examples. We do not see the inherent value for medium or enterprise business, as these groups will most likely continue to control their data via OS X Lion Server, WebDAV sharing and more.

And, until the security is clearly defined from Apple, we recommend all business users hold off on utilizing this service. Sadly, we probably won’t have any security information until iCloud is launched this Fall.

If you want to learn more, please feel free to Contact us and we can talk about how iCloud or OS X Lion Server can integrate into your Apple Mac Business.

OS X Lion: when businesses should upgrade

OS X Lion will be a compelling upgrade…

Although you should absolutely not upgrade until Apple releases OS X Lion 10.7.1 or later. Why? As a business, you need to consider not just the cost impact (see here), you also need to consider the timing of making such a big infrastructure change.

Apple generally does a great job of testing their software and, for all intents and purposes, upgrading should go relatively smoothly. However, it isn’t just Apple software that needs to be compatible; it is all of your current business software.

Also, if you recently purchased a Mac (post June 8th), you are eligible for the OS X Lion Up-to-Date program (details have not been defined).

Software compatibility with OS X Lion

To date, here are some public statements about compatibility with OS X Lion:

  • Marketcircle – Daylite, Billings, Billings Pro.
  • Adobe – no formal announcement (as of yet), although CS4 and CS5/5.5 should be compatible.
  • Microsoft – as above, although Office 2004 and below are incompatible (they require Rosetta, the translator for PowerPC apps and Intel chips).
  • Intuit – Quicken 2007 is not compatible (it also requires Rosetta).

Hardware compatibility with OS X Lion

This is the real unknown. Drivers for the most part should be compatible, if they were compatible with OS X Snow Leopard. However, if your hardware (printer, scanner, etc.) is generally over five years old, it might not be compatible. It’s best to wait until your vendor has posted either new software drivers or a list of compatible devices with OS X Lion.

Summary

  • Consider the timing of upgrading to OS X Lion. Wait at least 30 days post launch.
  • Consider how Apple is going to deploy OS X Lion once they realize that very few businesses have lightning fast broadband and can’t download it from the Mac App Store.
  • Consider the software you own and what you’ll need to upgrade (or wait).
  • As above, review your existing hardware and see if the drivers you have will be compatible.
  • Be patient! New and great isn’t always new and great. It’s just new.

There are also some other great articles on preparing for OS X Lion:

As always, contact us to learn more about how we can help you with the OS X Lion upgrade.

OS X Lion upgrade: the real cost

Are you excited to upgrade to OS X Lion?

When OS X Lion ships in July, there are many things to consider about the upgrade. Before we get into those considerations, let’s be clear: this is a very exciting release for both the desktop and the server. Many new features are available, some of which we listed in a previous post when OS X Lion was announced last spring.

Some of the primary real advancements, especially for business users include:

The best benefit of all for OS X Lion is the price – $29.99 for the upgrade. Of course, let’s not just factor in the retail price of this software upgrade. We need to consider many other items. In fact, that retail price is a misnomer. Let us explain…

OS X Lion upgrade pricing – the truth for business users

We mentioned considerations above, so let’s look at the real time and cost to upgrade to OS X Lion:

Upgrade from OS X Leopard

  1. If you are running OS X Leopard (10.5), you will need to purchase a license of OS X Snow Leopard for each computer. If you have 10 Macs, this could cost you roughly $300. If not,
  2. Next, you have to factor in the time to upgrade to OS X Snow Leopard – approximately an hour per computer for the base upgrade, and then another 1-3 hours for all of the software updates (this is without upgrading via a netrestore from OS X Server).
  3. You then have to consider software compatibility. Does all of your software support OS X Snow Leopard? What will the costs be to upgrade those programs? It could be in the thousands, if you have multiple licenses of the Adobe Creative Suite.
  4. Next, comes the actual upgrade to OS X Lion, which is another $29.99 per computer ($300), plus the time it takes to upgrade (an hour, most likely). Be aware, OS X Lion is only available via the Mac App Store.
  5. Of course, one big consideration is if you run older PowerPC software that requires Rosetta. A good example of this would be Microsoft Office 2004 or Adobe CS2. To be clear, these software products will not run on OS X Lion. You must upgrade to the current releases of each (2011 and CS5.5, respectively).

Bottom line (and this is not comprehensive, as each business has their own requirements):

  • $600 (OS X cost)
  • $8000 (CS Suite upgrade cost)
  • $2000 (Office 2011 upgrade cost)
  • $TBD (Consulting implementation cost)

Total (Estimated): $10-15000

As you can see, this is not a trivial cost. And it is just for an estimated 10 Macs!

Upgrade from OS X Snow Leopard

The path is similar to OS X Leopard, although we remove the cost/time for upgrading to Snow Leopard. We still need to address the OS X Lion upgrade cost as well as any PowerPC software upgrade costs. A rough estimate here is close to the same:

  • $300 (OS X cost)
  • $8000 (CS Suite upgrade cost)
  • $2000 (Office 2011 upgrade cost)
  • $TBD (Consulting implementation cost)

Total (Estimated): $10-15000

Now, neither of these include the cost to upgrade OS X Server, which can be significant.

Upgrade from OS X Leopard Server

This is trickier, as it is a best practice not to upgrade but to install new (back up the old, start from scratch to ensure the server is set up correctly).

Given that OS X Lion Server is only an upgrade, it will be interesting to see how robust this process is for implementation. Regardless, here are some rough costs:

  • $500 (OS X Snow Leopard Server)
  • $50 (OS X Lion Server)
  • $TBD (Consulting implementation cost – depends upon your Server complexity)

Total (Estimated): $500 + Consulting

This is not an inexpensive venture, to say the least.

Upgrade from OS X Snow Leopard Server

This is identical to upgrading from OS X Leopard Server, although without the additional cost of OS X Snow Leopard Server.

  • $50 (OS X Lion Server)
  • $TBD (Consulting implementation cost – depends upon your Server complexity)

Total (Estimated): $50 + Consulting

So, what should you expect?

Budget, budget, budget

Make sure you allocate within your budget to handle this upgrade. Your plan:

  • First and foremost, if you are running OS X Leopard (desktop and server), work with your consultant (or contact us) to define a migration plan to OS X Snow Leopard.
  • Next, we recommend waiting until the fall before considering an upgrade to OS X Lion (desktop and server). It’s best to let the bugs get worked out before upgrading – don’t be the guinea pig for Apple. :)

OS X Lion looks to be an incredible upgrade. It’s easy to get excited about this release, although temper your excitement for OS X Lion with a little dose of financial reality.

Snow Leopard Server Network Accounts: IT to IT

Editor’s note: this is a column in our IT to IT Series

While recently implementing a new network from a switcher, our team came across a few items worth mentioning to those out there utilizing third-party software (Adobe, Parallels) and how they work with Snow Leopard Server Network Accounts.

Part of the reason we are writing this post is because searching Google resulted in very few hits for the issues we found. Thus, we wanted to help the IT community learn how to work around these items.

Adobe Acrobat X & Snow Leopard Server

Let’s talk about Adobe Acrobat X first. It’s a fantastic application for editing and creating new PDFs. It handles document management well. It makes life easier for many offices wanting to go paperless. However…

As many folks might know, Adobe doesn’t inherently support network accounts/network home folders with Apple OS X Snow Leopard Server. Why? Because Acrobat (and probably other Adobe apps) requires the ability to write its preference files to the local computer (this is bad coding for an Apple app).

This is a hassle, to say the least: if you are trying to run an optimized server installation with a real Open Directory service, you want networked accounts, as they make it easier to manage the users.

The solution

So what is the workaround? Thankfully, we at Blacktip IT were able to implement Mobile accounts for the users who needed to access Adobe Acrobat. Mobile Accounts synchronize the user’s home folder to the local computer, thus enabling Adobe Acrobat to write its preference files to the local disk. And, voilà, we have a working Acrobat installation.

Parallels Desktop 6 & Snow Leopard Server

Now, let’s talk about Parallels Desktop 6 for Mac. This is an incredible virtualization tool that has fast performance, pretty seamless integration with the Mac and has a ton of features. As stated above, however…

The product doesn’t work with Snow Leopard Server network accounts at all. Period. No workaround. We even spoke with a contact of ours at Parallels and unfortunately, his suggestion of deleting .tmp files didn’t work. This became a big problem for us as the client switching required the use of Internet Explorer. What did we do?

The solution

We switched to VMware Fusion.

VMware Fusion 3.1.x & Snow Leopard Server

When you are on a schedule with limited time, you need a solution to a problem. Rather than keep trying to make one product work, sometimes it makes sense to switch to a competing product.

Well, doing so with VMware Fusion resolved our problem. Fusion 3.1 does work with Snow Leopard Server network accounts (home folders). In fact, it worked seamlessly.

We did run into one snag with Fusion. Make sure to deselect the easy install option when setting up Windows (we used Windows 7 in this implementation). Why? Well, the default easy install will choose a random language for Windows, rather than US English. Our installs resulted in using the Turkish language. It was actually quite funny.

Upon performing a little more research, we retried the installation, performed a complete custom install for Windows, and we were back in business.

The Result

In the end, after a little experimentation, research and perseverance, we were able to resolve the network account issues and make our client happy.

For our other Apple Consultant Network friends, and anyone else who is implementing network accounts with products from Adobe, Parallels or VMware, we hope this information is helpful/useful to you. Don’t hesitate to comment below or contact us if you have any feedback/thoughts/suggestions on this post about Snow Leopard Server Network Accounts.

Daylite Mail Integration 2.5.4 available along with OS X 10.6.7

Yesterday, Apple released OS X 10.6.7, which provides a variety of fixes and security enhancements. You can read the release notes here and download the combo updater here. We do not recommend using Software Update to install this new version of OS X 10.6, as using the combo updater ensures all of your system files are updated correctly.

Daylite Mail Integration

With this new release of OS X 10.6, and if you are running Daylite, you will need to update your Daylite Mail Integration (DMI) plugin to ensure compatibility (meaning, OS X 10.6.7 disables the previous release of DMI). Please download the latest Daylite Mail Integration here.

Of course, if you need help updating to either Daylite Mail Integration 2.5.4 or Apple OS X 10.6.7, please don’t hesitate to contact us.

OS X Lion: Apple provides more details

This past Thursday, Apple provided more details about OS X Lion, due to be released this summer. The big items of note to any Apple Mac Business include the following:

All New FileVault

Keep all the data on your Mac even more secure with XTS-AES 128 data encryption at the disk level. Initial encryption is fast and unobtrusive — it encrypts everything in the background while you work. FileVault also encrypts your external drives, and provides the ability to wipe all the data from your Mac instantaneously.

Versions - See every step you take

Versions records the evolution of a document as you create it. Mac OS X Lion automatically creates a version of the document each time you open it and every hour while you’re working on it. If you need to revert to an older version or retrieve part of a document, Versions shows you the current document next to a cascade of previous versions — in an interface similar to that of Time Machine — so you can see how your work looked at any given time. You can revert with a click, or quickly copy and paste work from a previous version into the current version.

[Note - this will probably only be available with iWork when it releases]

Resume - Pick up exactly where you left off

If you’ve ever restarted your Mac, you know what’s involved. First you save your work, then close all your apps, then spend valuable time setting everything up again. With Resume, that time-consuming process is a thing of the past. Resume lets you restart your Mac — after a software update, for example — and return to what you were doing. With all your apps back in the exact places you left them. In fact, whenever you quit and relaunch an app, Resume opens it precisely the way you left it. So you never have to start from scratch again.

OS X Lion Server integration - Simply a better server

Lion Server is now part of Mac OS X Lion. It’s easy to set up your Mac as a server and take advantage of the many services Lion Server has to offer.

[Note - You can now install either OS X Client or Server using the same media]

There have also been some additional findings on the rumor sites, some of which are quite interesting:

  • No more support for PowerPC applications. Yes, now is the time to start looking at replacements for these older products.
  • The ability to migrate data and settings from PCs.
  • TRIM support for SSDs, and much more.

All of us at Blacktip IT Services are very excited about Mac OS X Lion (scheduled for the summer of 2011).

We encourage all of our clients to upgrade 30 days post-release, as the benefits of this release in terms of disaster recovery, security and stability will be worth every penny spent over the long term.

To learn more, please don’t hesitate to contact us.