reports that the National Institute of Standards and Technology
has finalized its macOS security guidance, which has been based on the macOS Security Compliance Project and seeks to bolster mSCP awareness.
The guidance "and the mSCP GitHub site are intended for system administrators, security professionals, policy authors, privacy officers, and auditors who have responsibilities involving macOS security. Additionally, vendors of device management, security, configuration assessment, and compliance tools that support macOS may find this document and the GitHub site to be helpful," said NIST.
NIST noted that while mSCP will be independent of new macOS versions released annually, it will be updated in the event of significant modifications.
"Generally, the technical security settings in macOS do not drastically change from release to release, with only a handful of new settings being introduced. By pursuing a rules-based approach, mSCP rules that remain applicable can be reused and incorporated into guidance for the latest macOS version. This enables quicker adoption of new security features that are not offered in prior versions of macOS," NIST added.