Hacker News new | past | comments | ask | show | jobs | submit login

In Germany for example most companies in the automotive space require all contractors to conform to the [TiSAX](https://enx.com/tisax/tisax-en.html) regulations.

These state, that there needs to be proof of several data security aspects on all devices of all people working in a facility for one of these companies/clients as a contractor:

- Anti Virus software up to date - Firewall active - Harddisk encrypted - Ability to remotely lock device - Ability to remotely wipe device

To ensure that this is in place at all times on all devices one needs a programatic solution - Endpoint Management. And as this needs to be root (for remote wipe) - this could be seen as spyware (as I like to call it internally).

So yeah - there are a lot of companies/industries enforcing this. As someone above said - banking is another industry, insurance, medical and other high profile stuff with sensitive data might come to mind.

The text does not say this - but this I added just from experience. And I actually hope that someday companies like mine could go the Apple way and ensure Endpoint Management on a per user account basis. That way I could still take home my company laptop and use it privately with a different user.

What kind of anti-virus is required on a Mac? (Not debating, just curious.) I work for a FAANG on fairly sensitive projects and I’ve never heard of anyone in my org having anti-virus. FileVault, remote wipe, etc., but not anti-virus. Are their credible anti-virus systems form Mac and Linux?

Don't ask me. It is in the enrollment standard.

I strongly believe all this software only enlarges the potential attack surface.

Not sure if this "zoo" of software is more of a security theater and a legal protection to be able to tell everybody "we did all we could possibly do" in case of an attack/hack/what not.

But even if I strongly suspect my device was more secure before, I know, that lot's of less tech-savvy people will have at least some standard (encrypted SDD, and such) enforced. So I am not yet decided if in the end the net benefit is positive.

Symantec or Macfee come to mind, regardless what we might think about them.

It all about fulfilling IT and law checklists.

iOS allows remote wipe functionallity in the standard mail client. Hopefully this doesn't enable any spying... Personally, I'm happy for my employer to have this functionality (trusting them not to abuse it)... My personal data is backed to the cloud anyways, so if I lose my phone I want it to be wiped.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact