7.4 Software Inventory Considerations

Information

With the introduction of Mac OS X 10.6.6, Apple added a new application, App Store, which resides in the Applications directory. This application allows a user with admin privileges and an Apple ID to browse Apple's online App Store, purchase (including no-cost purchases), and install new applications, bypassing enterprise software inventory controls. Any admin user can install software in the /Applications directory, whether from internet downloads, thumb drives, optical media, cloud storage or even binaries received through email. Even standard users can run executables if permitted. The source of the software is not nearly as important as a consistent audit of all installed software for patch compliance and appropriateness.

A single-user desktop where the user, the administrator and the person approving software are all the same person probably does not need to audit software inventory to this extent. It is helpful, however, in the case of stability problems or malware.

Scan systems on a monthly basis and determine the number of unauthorized pieces of software that are installed. Verify that if an unauthorized piece of software is found one month, it is removed from the system the next.

Export System Information through the built-in System Information Application or other third-party tools on an organizationally defined timetable.




Perform the following to access System Information through the GUI or the command line.

Graphical Mode:

1. Select the Apple icon

2. Select About This Mac

3. Select System Report

4. Select File

5. Select Save

6. Choose the name of the file and the location to save it to

Terminal Method:

Run the following command to view all System Profiler details:

$ sudo system_profiler

To find more detailed instructions on the use of the system_profiler command, run the following:

$ man system_profiler
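The monthly review described above can be scripted against an exported report. The following is an added example, not part of the benchmark: it assumes the report was produced with `system_profiler -json SPApplicationsDataType` and uses the key names `_name`, `path`, `version` and `obtained_from`; the application names, paths and allowlist are constructed.

```python
import json

# Constructed sample shaped like `system_profiler -json SPApplicationsDataType`
# output (assumed key names: _name, path, version, obtained_from).
SAMPLE_REPORT = json.dumps({"SPApplicationsDataType": [
    {"_name": "Safari", "path": "/Applications/Safari.app",
     "version": "17.0", "obtained_from": "apple"},
    {"_name": "ExampleChat", "path": "/Applications/ExampleChat.app",
     "version": "2.1", "obtained_from": "mac_app_store"},
    {"_name": "ExampleTool", "path": "/Users/alice/Downloads/ExampleTool.app",
     "version": "0.9", "obtained_from": "unknown"},
]})

# Hypothetical organizational allowlist, keyed by application name.
APPROVED = {"Safari"}


def unauthorized(report_json, approved):
    """Return {path: record} for installed apps not on the approved list."""
    apps = json.loads(report_json).get("SPApplicationsDataType", [])
    found = {}
    for app in apps:
        name, path = app.get("_name", ""), app.get("path", "")
        if name not in approved:
            found[path] = {"name": name,
                           "version": app.get("version", "unknown"),
                           "source": app.get("obtained_from", "unknown")}
    return found


def monthly_review(previous_paths, report_json, approved):
    """Compare this month's findings with last month's unauthorized paths."""
    current = unauthorized(report_json, approved)
    return {
        "count": len(current),
        "new": sorted(set(current) - set(previous_paths)),
        # Found last month and still installed: remediation did not happen.
        "not_removed": sorted(set(current) & set(previous_paths)),
        "removed": sorted(set(previous_paths) - set(current)),
    }


if __name__ == "__main__":
    last_month = ["/Applications/ExampleChat.app", "/Applications/OldGame.app"]
    print(json.dumps(monthly_review(last_month, SAMPLE_REPORT, APPROVED), indent=2))
```

Entries under `not_removed` are the ones the monthly check is meant to surface: software flagged in the previous scan that is still installed.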

About System Information on your Mac

Additional Information:

Inventory and Control of Software Assets

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

None

See Also

https://workbench.cisecurity.org/files/3013

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-8, CSCv7|2

Plugin: Unix

Control ID: 59365c9a232854c744e08848ec843b6f5bcbf08f124ff119221051d8b3dfc383