Last time my employer made me install this antivirus application, I ended up being down for days and could not do my work or use my laptop. Now we have a new SEC crew and they do not want to hear that this is an issue and want me to install it again. Can you please help me figure out how to do this so it does not ruin my experience or machine?
MacBook Pro 15″, macOS 10.14
CarolineChandor wrote:
Last time my employer made me install this antivirus application, I ended up being down for days and could not do my work or use my laptop. Now we have a new SEC crew and they do not want to hear that this is an issue and want me to install it again. Can you please help me figure out how to do this so it does not ruin my experience or machine?
My employer has required anti-virus for many years due to requirements of government contracts we work on. They abandoned Symantec quite a long time ago due to its instability and interference with the MacOS. They have tried multiple vendors since then and settled on SentinelOne after extensive testing. We are all on Sonoma 14.5 and SentinelOne seems quite unobtrusive and stable. People record issues on our internal Slack channels and I have seen nothing posted there regarding SentinelOne for a long time.
If your employer requires some sort of anti-virus, you can argue that you have one installed already -- the Mac has a built in anti-virus as per Grant's posting. The only way to access that sealed OS volume is to impersonate the Apple servers, which I believe is fundamentally impossible to do, much harder than getting past some commercial anti-virus product.
Another option: install Malwarebytes, which prevents and can remove malware. Malware is the only thing a Mac can be affected by, if a user improperly clicks on links or installs a browser add on, but virus is impossible on MacOS. Maybe your employer will accept that you have Malwarebytes as a safety precaution. Leave the automatic background checking of Malwarebytes off (it takes up system resources) but you can run it manually or just leave it, it is harmless.
If they absolutely insist on Symantec, you will need to proceed and do your best to be careful and install only a minimal version and if you can, disable it. We had lots of problems with Symantec, so many that my employer abandoned it a long time ago.
CarolineChandor wrote:
Last time my employer made me install this antivirus application, I ended up being down for days and could not do my work or use my laptop. Now we have a new SEC crew and they do not want to hear that this is an issue and want me to install it again. Can you please help me figure out how to do this so it does not ruin my experience or machine?
My employer has required anti-virus for many years due to requirements of government contracts we work on. They abandoned Symantec quite a long time ago due to its instability and interference with the MacOS. They have tried multiple vendors since then and settled on SentinelOne after extensive testing. We are all on Sonoma 14.5 and SentinelOne seems quite unobtrusive and stable. People record issues on our internal Slack channels and I have seen nothing posted there regarding SentinelOne for a long time.
If your employer requires some sort of anti-virus, you can argue that you have one installed already -- the Mac has a built in anti-virus as per Grant's posting. The only way to access that sealed OS volume is to impersonate the Apple servers, which I believe is fundamentally impossible to do, much harder than getting past some commercial anti-virus product.
Another option: install Malwarebytes, which prevents and can remove malware. Malware is the only thing a Mac can be affected by, if a user improperly clicks on links or installs a browser add on, but virus is impossible on MacOS. Maybe your employer will accept that you have Malwarebytes as a safety precaution. Leave the automatic background checking of Malwarebytes off (it takes up system resources) but you can run it manually or just leave it, it is harmless.
If they absolutely insist on Symantec, you will need to proceed and do your best to be careful and install only a minimal version and if you can, disable it. We had lots of problems with Symantec, so many that my employer abandoned it a long time ago.
New Macs are not subject to Windows viruses, because they do not even use the same processor as Windows.
MacOS shares a lot of the lock-down mechanisms developed for the iPhone. Applications are all sand-boxed with a list of the resources they require, and they cannot ask for anything outside their sandbox without crashing. Signed Applications are checked that they are from legitimate Developers, and Notarized Applications are delivered with the assurance that they have NOT been modified since their release by the Developer.
Recent versions of MacOS completely changed how you should think about malware.
From MacOS 10.15 Catalina onward, the system is on a Separate, crypto-locked System Volume, which is not writeable using ordinary means. Any unauthorized differences that appear to the crypto-locked volume are quickly detected and you are alerted.
So you could store just about every malware known to mankind on your Mac, and your Mac would not get infected spontaneously. Scanning for virus-like patterns might make you feel a little better now, but on an Apple-Silicon Mac, it is outdated nonsense.
Nothing can become Executable Unless/Until you supply your Admin password to "make it so".
About the read-only system volume in macOS Catalina or later - Apple Support
About the read-only system volume in macOS Catalina or later - Apple Support
What is a signed system volume? - Apple Support
What is a signed system volume? - Apple Support
Signed system volume security in iOS, iPadOS, and macOS - Apple Support
Signed system volume security - Apple Support
Do not install "Symantec" on a Mac. Rule 1 of Macs is don't install junk.
If your employer requires "Symantec" or any similar product then they can buy you a Windows PC, or a Chromebook, or whatever else they are fond of supporting.
Symantec Antivirus installation on OS Sonoma 14.5
