One of the quickest ways to troll IT security professionals is to proclaim that either Microsoft Windows computers or Apple Macs have better security. In reality, both OSes are adequately secure when operated with their default security settings along with their vendor’s best practice recommendations, but after decades of intense competition for passionate consumers, the subject borders on a technical religious war. You won’t gain many friends by claiming both are secure.
With that said, not everyone knows what makes the two most popular OSes secure out of the box. Below is an overview of each OS followed by a comparison of the base security features found in each. We didn’t include other solid enterprise features that aren’t built into the OS and enabled by default.
Microsoft Windows 10 security
For the first decade of its existence, Microsoft’s flagship Windows program was easily the most successfully attacked OS in the history of computers. The number of attacks led to public distrust of Windows as a secure operating system. In response, Microsoft co-founder Bill Gates wrote an infamous memo on January 15, 2002, known as the Bill Gates Trustworthy Computing memo, which directed Microsoft to dedicate more resources to making Windows more secure.
Microsoft not only made Windows more secure by default, but actually co-opted or created dozens of new computer security technologies. One of the most important outcomes of Gates’ 2002 memo was the wholesale adoption of the secure development lifecycle (SDL) across Microsoft. SDL puts secure coding and practices at the forefront and beginning of every software development project. It’s a combination of education, requirements and tools, and Microsoft shares every bit of its experience.
The outcome of SDL is significantly fewer security bugs per thousand lines of code, more security features and choices, less surface attack area, and more secure defaults. The security of Windows 10 is the continuation of Microsoft’s efforts to offer an appropriately secure, general purpose, operating system that would work for the masses across multiple devices.
Apple MacOS security
For a long time, Mac users didn’t have to worry about viruses and malware. Vulnerabilities in the Mac operating system were rarely exploited in the real world. Mac users have always been aware of potential security threats, but much of that was because Windows-using coworkers have been the target of malicious software for ages. The numerous vulnerabilities in every version of Windows in concert with a very large user base made PC users a perfect target.
These days, the potential Mac threat landscape still isn’t as worrisome as on other platforms, but Mac users can no longer afford to ignore the possibility of being compromised by malicious software. These threats will only grow more numerous and more sophisticated as time goes on and more Apple devices are purchased.
It’s happening now: 2017 was a big year for security breaches. In February, a fake Adobe Flash installer carried MacDownloader malware that attempted to transit Keychain data (which includes user names and passwords, among other personal data). Last autumn, several vulnerabilities were detected in shipping versions of the latest Mac operating system, High Sierra, one granting root access to certain areas without a password prompt. Shortly thereafter, we learned that the processor vulnerabilities called Spectre and Meltdown affect the majority of computers in the world.
1. Boot-up protections
Microsoft Windows 10: Microsoft has long led the way with pre-boot, boot, and post-boot protections. Some of the defenses were borrowed from other open-source operating system initiatives, some from industry-wide initiatives, and many others self-invented. Today, Microsoft places many of them under the larger branding umbrella of Windows Defender System Guard. Boot protections, in particular, are known as Secure Boot.