Our great sponsors
-
You can get most of the way to hardening to CIS level 1 picking more up-to-date fork of these https://github.com/jamf/CIS-for-macOS-Catalina-CP.
FWIW, CIS level 1 will mean people get locked out of their machines very frequently. Complex 15 character passwords with 3 retries from memory. So you need a half-decent MDM to unlock quickly. There is no half-decent MDM out there. Only shit ones but workable like Jamf.
Also you the username does't get auto-populated on login so the typo can be in username and user assumes it is with password. Very fast way to get lock outs.
To pass a full security review you might want to play with Google Santa. But that is intense.
-
> Install and configure Google’s Santa.
Interesting, I'd never heard of this before. "A binary authorization system for macOS". Open source.
-
Appwrite
Appwrite - The Open Source Firebase alternative introduces iOS support. Appwrite is an open source backend server that helps you build native iOS applications much faster with realtime APIs for authentication, databases, files storage, cloud functions and much more!
-