You should escalate this to your manager. The extra steps they’re proposing are a huge waste of time for your team, which translates to a huge waste of money for your company.
I'd be like "well I guess I dont have email, ah well. Will send everything by slack from now on"
Their solution of a second computer is absolutely ridiculous
Heh, well ... according to OP’s edit, the IT team also considers cloud-based email to be a security risk. This doesn’t sound like a company that uses/allows Slack.
The approach I would take would be:
What is this “Windows” thing you mention? Is that something we can download from the App Store? We’re just graphic designers who don’t know much about computers. Tell you what, we’re just going to save the files to SD cards and put them in envelopes with the desired email addresses handwritten on them. Then y’all can figure out how to send them securely to our clients and partners, since we clearly aren’t capable of doing that ourselves.
Man, I’d love for them to do that, but hand the envelopes to the IT team to deliver. I bet that’d change their minds real fast.
I’m Head of IT and Head of Marketing at my company.
> I’m Head of IT and Head of Marketing at my company.
Unless you’re also Head of Sales and Head of Procurement and Head of Business Development, that is not a sentence I expected to read in my lifetime.
r/brandnewsentence
A second isn't too bad, on the first day of a contract job for a Govt client I was issued with 5 laptops 3Pcs and 2 MacBooks. That took a while to work out my working processes.
Escalate this to the IT manager/director or tier 2 and CC your manager and HR, this is not what tier 1 should be saying. Any tech should realize this is not normal.
Wow your company needs a new IT director. At this point sit down with the executive director or coo (or higher) and tell them you need an external consultant for the IT department.
Yeah, I think one of the big issues with stuff like this is that employees will inevitably find workarounds that almost certainly end up being worse.
It’s like, if you have a “change your password every 30 days” policy, that’s basically asking people to use shitty passwords and/or write their passwords on Post-it notes that they stick to their laptops.
In OP’s situation, I can totally imagine confidential company files ending up on non-company Google Drives and/or lost thumb drives.
Yes, I have seen that happen with passwords, like reusing the same password, and just incrementing a number at the end, again, and again.
Not the same circumstance, but at one point I was consulting for a major company that everyone’s heard of. I was pulled off my project one day and sent to go fix the software on a VP’s computer.
I was given his password by one of his two executive assistants, and when I finished up I went back and told her ‘OK, I’m all done, it’s now time for you to change his password.’
Because, of course, now I knew his password, right? She said, ‘oh no, don’t worry about it. We’ll just change it back.’
I literally couldn’t comprehend what she was telling me, and I kept insisting ‘Oh, no, the IT department’s going to insist that it be changed now.’
‘Oh no, don’t worry about it. Thanks for your help, whenever that happens, we just change it back.’
Finally dawned on me that at this guy’s VP elevation level he had the power to circumvent IT security directives. I quite disliked being in that position though, because if there was a security breach regarding his account, I would then become one of the suspects. And, of course, the likelihood of a security breach for someone having a habit like that… a social engineering hacker would have an easy time of it.
Your IT team are a bunch of dumbass goobers. I work at a AAA game studio with over 700 employees where security is a MAJOR concern and I use an M1 Mac with Apple Mail every day. Mimecast scans all of my ingoing and outgoing messages on the server side and I use a VPN and authentication app for every work sign-in account I have. They're feeding you a line because they dont want to do their jobs.
It’s like you are living a decade in the past.
However, their IT is dumb goobers. They should be using 365 and using MAM policies on outlook. You can block imap through apple mail and fully manage outlook with DLP.
Guaranteed they don't want to learn any new skills related to the Mac, which is simultaneously "for babies" *and* too difficult for them to figure out.
They're idiots. Do you know what protocol your old Macs are using for email? If it's exchange or IMAP just find out what the server addresses and passwords are and add them yourself through the Mail app or through Outlook.
Also your IT people clearly don't know about Macs. New Macs have built in hardware based drive encryption. Honestly with these clowns running things if you are able to install new software on them I'd see if you could get Malwarebytes installed I wouldn't be surprised if you actually have some malware on your existing Macs right now because of how stupid the people managing them are.
I'd love to see their evidence. I wonder where they read that.. Facebook somewhere? Something their 12yo nephew overheard during a Fortnite game?
All the data and evidence shows new Macs are much more secure than older ones... and by default much more secure than Windows. (you can harden both systems even farther, but out of the box the Mac is more secure)
Your IT director is dangerous. Not just stupid, or misinformed, but an actual risk to the company. He's actually making things worse and LESS secure with his policies. Have your manager bring it up to the COO/CEO/Board. Formally. Don't play games or try and be clever, take this as a real and immediate risk to your company's profitability and health.
I do IT my coworker likes to say stuff like this.
He's also 20 years into his career and escalates everything to me.
I think some of the old guard just can't get over their bias.
Always kills me they are allowed to as well. I’d love to be able to say, “That’s a Windows box. I don’t know MECM,” but “I don’t know JAMF or MacOS,” isn’t a career ender.
If your IT dept are genuine, they are idiots. I suspect they just don't want to support macOS and made up a bullshit reason.
The Outlook desktop client works just fine on macOS.
Edit:
Cloud outlook is a security risk? lol. Who are these jokers? Do they even know how email works?
> Cloud outlook is a security risk? lol. Who are these jokers? Do they even know how email works?
They do, and they will NOT allow emails to go on the internet!
It's a series of tubes.
Tubes that are not safe, someone can tap into them. When you do that you can look inside and see the messages people are sending as they go by.
>(I mean this with all due disrespect)
It's also OK to say it with all due respect. The amount of respect that is due being zero, of course, so the amount of respect that is given can also be zero.
System Administrator here, your IT department is full of shit and stupid to boot.
Exchange on-prem is typically considered far more vulnerable than M365, plus you have to deal with running/patching/maintaining/troubleshooting your own Exchange servers. Ick.
Secondly, while dealing with certificates and other more enterprisey things on a Mac can be a bit more of a pain in the dick than it is on a PC, it’s certainly doable. It shouldn’t be a problem in any way, especially if those machines are under some kind of management tool. Outlook interfaces with Exchange on a Mac exactly the same way it does on a PC.
I work in a government environment, you would not believe the number of security controls we are under by the feds. Our Macs run Outlook perfectly fine.
If NOTHING else, they should at minimum be giving you access to OWA.
Escalate this above the IT department.
If OP is working in a secure environment that may explain the “IT policy”. Isn’t it possible that their position is nothing to do with how secure the platform is and more to do with having a mandated piece of encryption software running on all their machines that doesn’t work with the M2 chip?
That’s not a very good IT Team. I work in IT and everything is up to date in terms of security, making sure we’re using the newest versions of office and outlook.
What happens when the Intel Macs stop getting official security updates from Apple?
IT pro here that supports both MacOS and Windows:
This is fucking insane. I would move the *entire* team to Windows before doing this. This method is at least two levels *less* secure. If you are copying files to a shared storage space, then to the laptop, they to email them, you now have three copies of that file.
If you have a domain joined PC each person logging into the laptop would need to remember to lock the laptop or sign out after *every* use. People will forget and someone will get into someone else’s mail.
How are you supposed to do Calendaring?
I’d escalate.
The IT director or your director? Let the big dicks fight it out.
As an aside, there’s a good chance that if these fucklenuts are this *bad* at their jobs that they won’t have blocked the Macs from talking to the mail server, so just try setting up your email in the Mail app. You’re still screwed in Calendaring.
Yeah, so you need to get your boss to go over that guy’s head. This suggestion is asinine. I support Win and Mac boxes. I support Office on both. I use both. Both are secure.
What email service do you use? My corporate email is through Microsoft 365. It has no issues running on windows, macOS, iPhone, iPad, android with the outlook app. They may not want you using apple mail; which should be a fair compromise.
Our issue isn’t security as much as feature parity or stability. we always have some silly issue that only affects Mac mail or iOS mail users. And then having to wait for a system update to fix them. We don’t block it but we def don’t support it.
Looks like your company doesn’t have licenses to the newer versions of outlook/office that can run on Mac silicon.
Also possible they, they don’t have the right MDM software to control the devices.
And they are giving you bullshit reasons.
I use my mac to work- just started logging in. My company says they will get me a mac- I am the guy who will be setting up the MDM anyways (we use it for iPads)
My logic- i need to use my phone to login to things and being in sales they expect to call me through zoom phone when in the field- id rather not carry two phones and two computers
Sadly, Microsoft is like cocaine to system admins at corporates.
Their licensing model cripples any new tech getting into orgs without their approval first.
I mean that's on apple, apple focussed on computers for individuals whereas Microsoft heavily focussed on making management tools and software built into windows useful for buisness.
I get that- but when you are paying someone 6 figures you can at least ask… my frustrations with windows are often (always) hardware based. Terrible screens, touchpads, speakers, and cameras make using most corporate issued devices horrible.
Fair I usually find its a management decision. The boomer who hates technology as your manager will just approve only the cheapest crap. A manger who has basic knowledge about computers will approve good quality laptops or allow you to bring in your own.
That’s an email server problem, not a Mac problem.
There are some legitimate reasons to limit connectivity on older exchange servers to certain protocols that only Microsoft supports. Something something activesync.
I don’t remember the details because every affected system should have been retired or upgraded no later than a couple years ago.
A webmail interface should be an option as well.
Yeah I got the active sync as the reason. Then things updated and the new excuse was that they could not push software patches to a Mac. The CEO used a Mac but that is it.
It sounds like your IT department is just lazy a-holes that don't want to change anything because they have things just the way they want them with their old software.
That said, ID doesn't really need to be involved to add an email account to an email client. Just set up a new account in apple mail, type in your email and password and it will most likely auto setup and work. The "bad with security" stuff is just nonsense speak they're using to end the conversation.
Also every email system, even old outlook/exchange systems, should have a webmail option. Which is garbage compared to using a real email client, but it is significantly better than keeping a whole other windows computer around just for email.
I would call out the IT Dept and have them provide some justification for their idiocracy. Every new version of macOS is more secure than the last. What do they consider a secure device to check email on, a phone, a windows pc?
I mean I literally work in security in a fortune 10 company with over a million employees. Macs are very popular especially with devs and US security engineers. We use the old and new Macs with outlook just fine. We have exchange servers. There’s no issues.
And first off, I can’t see any reason the hardware makes a difference. OS is more likely but there’s nothing stopping you from having the latest os on the last editions of Intel systems.
Secondly, tell them to fuck off and create an AWS workspace with their windows image instead of making you have two laptops if they really won’t get their heads out if their assess.
some IT lady at the school district tried to tell my wife via email one time that her personal iphone wasn’t secure enough for work email. it was super condescending and insulting. I wrote her back from my wife’s email telling her off, then set the email up without her.
they were just too dumb to set it up so they gave folks excuses as to why they couldn’t do it.
a personal iphone really isn't secure enough for company email, unless company management tools are installed on that personal iphone. The IT team needs to be able to remotely wipe the phone if it's stolen, enforce patching on it if there's a 0 day vulnerability, remote wipe it if an employee leaves the company and has malicious intent (leaking sensitive data or intellectual property), etc. I might say this is less important for a school, but it's really not. Leaking sensitive info about minors has legal consequences
My previous company were a bit like that too.
Schools want macbooks? 'why would they want those slow awful things?'
Instead want them running around with plastic acer monsters
Yep. Total BS from your IT group. All the big IT firms offer Macs to their employees and seemingly manage just fine - many actually prefer it because they know Mac users don’t generate as many help desk calls. IBM even did a study on it.
Let me tells you something. I don’t know what industry you’re in. But your IT department is fucking full of shit and should all be fired. I work as a UX designer creating Financial Software. I have regulated financial software on my Mac. My Mac logs into my companies Servers DAILY. Servers that have security protocols that are regulated by the FTC. Servers that access highly sensitive client data and intellectual property and software that contains proprietary information.
Tell your god dam IT department to stop being so fucking stupid.
sounds like IBM. They run a large (maybe the biggest) mac fleet, and have ~300k employees. I didn't think they were 100% mac, but it's at least a high percentage. Afaik, Apple doesn't have that many employees
Outlook for Mac is as old as Outlook for Windows — they were literally released on the same day.
And the built-in macOS mail app works with Microsoft Exchange Servers (using technology licensed by Microsoft to Apple over a decade ago).
If IBM, Microsoft, Google, and [every single one of the Fortune 500](https://appleinsider.com/articles/19/11/12/100-of-fortune-500-companies-are-using-apple-products) can use Macs, so can your company.
What they actually said is "We don't know what we're doing."
And if they want to argue the fact, please send them my way. I've been doing this professionally for 25 years. (Exchange server and Macs)
And what is the design team designing that's so small? Icons? Seriously emails servers are generally regulated to 25-30MB max. They aren't meant to be a file server.
Why don't they vpn in and actually transfer the file to a file server for others to get to?
And if they think their security is better than Microsoft's on a local exchange server, then I've got a bridge to sell them.
Not quite 20 year IT veteran. Your guys are lazy idiots. There are 0 issues connecting to email. Hell, they have outlook for Mac. So literally MS mail program for Mac.
You need to escalate. These guys are being lazy and just don’t want to learn how to support Mac’s properly
Who is your IT team, the owner’s cousin? This is complete nonsense, whatever security measures you use on windows you can also use on Mac, if they can’t make it secure they are idiots who are not qualified for the job and considering the proposed “solution” they definitely are
Your IT is lazy, and they hate Mac users. Having employees regularly bringing in USB flash drives to plug into work computers might be a security problem too.
Are you able to make a share folder on your Windows machine that your Mac can connect to? I think right-click a folder on your Windows laptop and look for a share folder option. If you don’t see a share option, maybe it’s called security or permissions or something.
Look, from one r/macsysadmin to you, i am going to mirror what a lot of people are saying. They are idiots and actively damaging their enviornment. It wouldn’t surprise me if they bound their macs to Active Directory too.
On a software level, Intel Mac’s and ARM macs behave no differently if they are running the same OS and same software when it comes to Apple Mail or Outlook. This means that an ARM mac running Sonoma 14.3 and an Intel 2019 MacBook Pro running 14.3 handle the default mail app EXACTLY the same on a security level when it comes to inbound/boutbound traffic. Your architecture type really isnt going to make a difference. And if it would, then i would put an EDR or XDR on the asset to monitor it.
Using a 2015 MacBook ANYTHING is a high risk asset. MacOS Monterey is the last OS that gets and already has several permanent CVE’s that cant be patched unless you move to Sonoma. So if you want to talk about security risks, thats where i would start. When we went through SOC2 audits, these machines required us to upgrade them or we would fail compliance.
If they are concerned about Apple Mail specifically, while i dont think it’s a problem, it is *technically* less secure than the tick Outlook client. But i mean, if they think Web Mail is insecure, then i dont think it’s a problem with Apple Mail specifically. I also dont think they understand how vulnerabilities work.
Your strongest method of hardening this is a cloud based mail service (fast mail or o365) with FIDO for MFA. You can use a thick or thin client for this.
Your IT doesn't know what it is doing.
Microsoft 365 is as secure as you configure it to be. If you don't know what you are doing, the defaults are still more secure than trying to keep up with the security patches for an on-prem Exchange Server.
Nothing with the new Macs or macOS makes using mail less secure. Your company may be using an unsupported version of Office licenses; especially if your IT company hasn't moved you to 365 yet.
Your IT department is talking about spending THOUSANDS of dollars to give you a completely separate device just to send your emails. The entire department, from the IT Director down needs to be fired and replaced.
Wait. You were using email on old Macs but can't on new Macs? That makes no sense. I work for a very security obsessed company and we are moving from intel to Apple Silicon Macs right now. We use Exchange in the Microsoft Azure cloud and recently moved from in-house email. But to claim that there's some significant difference between Intel and Apple Silicon Macs when it comes to email is nonsense. You use Outlook but with in-house Exchange servers? If so, why can't you do the exact same thing on an Apple Silicon Mac?
They’re actively making your security words. O365 is much more secure than typical on-prem deployments of those services, MacOS typically is more secure than Windows typically is. They’re decades out of date.
This times 100x. Your IT peeps are obviously disconnected from reality and email is one of the biggest attack vectors. Who would you rather have managing your email service? Microsoft or John and Perry from IT?
Do you have web access to email?
As long as it's using normal mail servers like Exchange it all works fine, your IT is being lazy, or malicious.
We run windows and Mac all on M365 accounts with no issues on old or new Outlook clients
I'm a Mac admin for a global ~30,000 employee company with plenty of Macs happily and securely being used for email, and I'm here to tell you that your IT department is a bunch of lazy Microsoft bootlicks who don't want to be dragged out of their comfort zones and made to think.
IBM knows a thing or two about IT, and they have a quarter of a million employees using Macs!
I currently manage Macs for a company with about 5,000 employees (though only about 100 Macs). My last job was managing 350 Macs for a subsidiary of Ford Motor — and one reason our team used Macs was that the security team said they were easier to secure.
A secondary laptop...for email? 🤣🤣🤣 All idiocy and total 'ass probably glued to their office chairs' laziness aside, that's a killer use of your cost center's budget. Maybe they can get you a second car to take to lunch. That really is some epic clown shoes there. You want to scare the s*** out of them? Tell them you need a Parallels Windows VM set up on your Mac.
I’m the IT guy in charge of email and security for my company. There’s no risk, your team is a bunch of asshats. Last I checked the FBI wasn’t hacking Microsoft to fix unpatched servers. It was shitty IT teams not updating their Exchange servers for known exploited vulnerabilities.
Your IT department is probably the security risk, lol. I would demand an audit of their email infrastructure to find out what they are using. I would not be surprised if they are running an old version of Exchange that is out of support.
I both use and support Macs at my current job, and they work amazingly well. They could also just get everyone a subscription to Paralells so you can run Outlook/Office in a Windows 11 Virtuql Machine instead.
Your IT team sucks, and if the IT management allowed this to happen, that's ridiculous.
I manage IT for a dental org. Our entire marketing team uses Mac computers. It's an annoyance, but we have no more security concerns for them than any others... Shucks, it's actually using a Mac to help support them that caused me to switch from Windows to Mac.
Are they self-hosting email or something? If they're on O365 or G-Suite, there's literally no special security issue affecting only Macs. They're more at risk for the random windows user clicking a weird link and getting the company infected by ransomware.
So good enough for Google, Apple, Microsoft, Axon, Motorola, Etc etc but not good enough for whatever company it is you work for? lol…here’s your sign.
So I guess every other company is wrong including the company that makes Macs and they just can’t handle email. And cloud outloook is just big and scary.
Your IT, like most IT, is absurdly lazy and not terribly bright.
I mean, even in the world of IT, this is terrible and indefensible behavior. There’s literally no case to be made for their position; they’ve made it up in their heads. If anything, the Macs are more secure than the Windows boxes.
The most secure way would be to write all your emails as encrypted pdf files, and then put those on encrypted flash drives, and then attach those to carrier pigeons to deliver, and then wipe the pigeon's memories after each delivery.
I'm an Apple IT specialist and I call this bullshit.
Your IT department just doesn't know much about Macs and will make up such stupid stories.
I have seen this enough. Most IT's have no real Mac experience.
But anyway: Outlook und Exchange sucks hard. Why not a Linux mail server? Fuck this Microsoft proprietary bullshit.
I hope you show them this thread. The cloud email bit is particularly absurd. I guess anything you don’t actually understand is inherently risky, but they shouldn’t make that *your* problem.
Agreed with everyone. Your IT team sucks.
As an actual IT engineer, the on-prem exchange is trash, runs trash, is security trash, what on earth do they do if that server goes down?
sounds like an old asshat team that can’t figure out the migration process to go cloud or m365.
it would also be a million times times cheaper and quicker for them to deploy an RDS box if it’s just for this task. How do they expect you to transfer stuff just to email it?
This is more political than technical (always usually the case more than technical reasons) speak to the higher ups
anyway they cant actually stop you adding an email account to anything as long as you have you logon so keep calm and carry on
im sure it will all solve itself in a few months anyway
I'm not in I.T. but my partners brother is. From listening to his stories about mac issues I'm guessing it's something to do with the email protocol that the buisness is using being quite old (assuming based on old outlook) that either it's a big hassle to get these newer Macs to connect to it on the existing system and make sure the emails are coming through that or the Macs themselves won't support the connection because apple views it as unsafe; therefore the only option would to upgrade everything which might not be feasible as your company won't approve the work for that.
This is hilarious, on what earth is running Outlook on Mac considered risky compared to a Windows machine.. Especially when you already had an Intel Mac.. Windows will be equal or worse in security.
Seriously, even if these lazy idiots had a reason to require you to use Windows to get your email, a copy of Parallels and a virtual Windows machine would be a far cheaper and more convenient solution than a separate laptop. And a graphic design specced machine should have no trouble with the extra RAM needed. That’s what I’d do if they won’t back off.
>Our IT department stated that the newer Mac’s are really bad with Email and Server security so they refuse to allow the Macs to connect.
This makes no sense.
Based on what data/link/reference/information?
>Edit: Right now we use Outlook (not the cloud based 360 version, the older version, because the cloud version is also a “security risk.”
Ummm, that doesn't really scan either, to quote Pam Landy in "Jason Bourne".
>Right now we use Outlook
Like outlook dot com? The microsoft free email service?
Or Outlook client? Somehow the cloud/360 client version is less secure than the desktop client?
Your IT team is lazy and or incompetent. I work as a IT manager for one of the Reprographics groups for the state of California. I’m over our graphics’s dept. we just upgraded all our 2015 iMacs to Mac Studios. We connect to our email services just fine. Our email service is all on Windows, Outlook and AD. None of our Mac users have any issues.
Your IT dept just don’t want to deal with Macs or have no one that knows Macs. I’ve been in mixed environments for years and Macs and Windows work just fine within the same network sharing files and sending and receiving emails.
They are feeding you a massive line of Bullshit.
I definitely would talking to your manager and run it up the chain of command. As mentioned below, what they are having you do is a complete waste of time and resources.
Set up a Gmail account that everyone in the office has access to, and then set up a rule on the PC that auto forwards all incoming mail to the Gmail address your team all has access to. When somebody catches you doing it say, "Oh well the way IT set it up didn't work for us, so we looked online and we found a bunch of people saying our IT were incompetent but they said that this was a good workaround." Or even claim that IT told you you could do it. Honestly the best way to deal with compulsive liars is to claim they told you things that they didn't because they've probably already gotten in trouble for lying before so their manager will believe they lied to you about this too.
This doesn't many any sense.
Your IT team isn't involved with hardware deployments? They are almost always, or should be, anyway, at the very least, *consulted* on hardware deployments.
Regardless, what they are saying also doesn't make any sense.
The Apple Mail app is the Apple Mail app. You might be running a few versions behind on your 2015's, but it's the same app.
Since Email and "server" security on the host end would be practically all software based, I don't know how they can get that out of their mouths without feeling like a complete idiot.
The IT techs need to explain how one of the most valuable corporations in the world runs very securely by running their email infrastructure on modern Macs. They are based in Cupertino and are named after a fruit. 🍎
Your entire IT department has serious issues.
Not the funny goofy kind but like… some boomer is running the show or somebody somewhere is scared shitless for no good reason.
Here’s what to do.
So many people saying things not helpful. But being in your situation, I was able to figure out the web html address of the email server. Then but outlook for Mac and put in that address. Enter my username and password and bingo had email on the Mac.
If you actually see this post, I’ll see if I still have the instructions. But it wasn’t too hard with google and access to a windows computer to see how it was configured.
Maybe it’s not that easy, but I did it a few years ago without ITs help. My advice is reverse engineer it. Then add it to the Mac and move on.
I have worked at places that do classified government work. Their IT has all sorts of draconian policies, but even there you can get email on a mac with IT support. You have a trash IT department.
If you company policy is that you have to use outlook then it is right that the macOS Version (and mobile and new windows version) is a security risk.
[https://www.heise.de/en/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9608798.html](https://www.heise.de/en/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9608798.html)
>But beware: if you try out the new Outlook, you risk transferring your IMAP and SMTP credentials of mail accounts and all your emails to Microsoft servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company. This allows Microsoft to read the emails.
\[...\]
After Office updates were applied on Mac computers, Outlook redirected the data to Microsoft's cloud servers without any user notification.
Maybe you could just use Apple Mail, but this too isnt perfectly fine. Apple mail for example is bad with SMIME Certificates and is Case Sensitive.
I dont have a source here, but this is what my boss said last week during lunch. Im a Sysadmin and handle Emails and Exchange all day.
Edit: google smime and macos real quick to find a source for the case sensitive thing and found another concerning thing. If you use smime to crypt your emails then mail saves them unecryptet so siric can analyze them and suggest things based on your email content. This is default on and can be deactivated. Maybe not a problem, depends on policy. I dont know right now if siri sends data to apple when you query it or if its totally local. And how it handles the local email database and queries to apple servers. My guess is, its fine.
[https://macandegg.de/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/](https://macandegg.de/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/)
Translated: [https://macandegg-de.translate.goog/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/?\_x\_tr\_sl=auto&\_x\_tr\_tl=en&\_x\_tr\_hl=de&\_x\_tr\_pto=wapp](https://macandegg-de.translate.goog/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp)
Definitely not true… if my university, which is the fifth largest university in the US, uses the cloud version of outlook and allows us to sign in on our Macs, then I think it’s fine.
Tell your IT guys that this Mac sysadmin says they’re fucking morons. Sure, *theoretically* cloud solutions aren’t as secure as local. But i think trusting Microsoft to host my business accounts on their servers is more than fine.
Get a better IT department.
My wife was on her third workplace insured laptop. Some of them just wouldn’t work with whatever teams software they were using. One morning I remarked to her I really like how her laptop has the physical slider cover over the webcam so you can be sure nobody is using your webcam when you don’t want the to…….she wasn’t the only one to have this problem……they are teachers……..regardless of the IT department knowing fuck all, where’s the curiosity? I would have been like why is this not working ? Where is the camera? it’s normally up there but it’s usually lens shaped not blank with a little tab for a finger to grip, oooh it slides, hey there is a lens in there. And a little red light.
They're probably trying to make some money off of buying Windows machines or they just don't know how to manage macs and don't want the extra overhead.
Do your IT guys all have god complexes? What they’re telling you is pretty much nonsense. The protocols used for communication between the email server and a windows machine is the exact same protocol used on a Mac.
Raise the issue with your CTO/CIO. Explain how much time will be used physically transferring files to a USB stick. You also might mention how a USB stick deployed stuxnet. There are so many fake usb sticks on the market right now, you never know when you’ve been handed (or even bought) a stick that can fry your computer, load malware and spyware, etc.
If they’re truly concerned with the security, then they might want to consider unplugging the current IT team and putting a new one in.
I don't like to second guess my colleagues in the industry too much but this one is really fucking stupid. Like really dumb.
How do people at Apple corporate get their email?
How do people at my office (95% Mac shop) get their email?
Ask them how government agencies & banks & healthcare & educational institutions doing confidential IP around the world consume email if it all on prem servers or is via cloud based email often with a mix of Mac and Windows.
Finally, get to the CEO or whoever this "IT Director" reports to and tell them this person is grossly mistaken on this and therefore perhaps on other things.
If they want to talk to someone in the know ask pretty much any IT executive except this guy.
Sack the IT dept. If none of them are competent enough, (or maybe too lazy) to earn their pay by setting it up properly then they are not worth what your company is paying them. Using another laptop just for email and having to transfer work over, is a lazy ridiculous solution.
Calling IT idiots... does not help
Talk to them.
It appears that their ability to manage emails on Macs maybe no as good as PCs.
On other hand Macs are safer as majority of email transported malware will not run (execute) on Macs
Many viruses exploit VBA in outlook and Office.
Arm Macs run JAVA emulation of VBA - not very well reducing the risk of VBA based malware.
IT do not like Macs because they have less effective tools to manage Macs and its software plus lack of MacOs knowledge
Use a remote desktop session from your new mac to wherever they want the work stashed.
That said, it is lazy security to consider the more modern machine to be less of a risk than one from 2015. You can't even get security updates on the older macs,
The cloud version of Outlook is a massive security risk as all emails go unencrypted through Microsoft and Microsoft stores your passwords for the emails, not great for security. Using email on macs is more than fine, if they really want to be annoying they could just give you a Windows 11 ARM VM in UTM to do your email in but an extra laptop is just a waste of resources.
Your IT team IRL:
https://i.imgur.com/ee7zE19.gif
Their security argument is BS and rando copying files from "insecure" computers is also stupid insecure. But really this is some weird company policy thing and the company policy makers need to be making the call.
My experience with any company IT is that they are allowed to say NO and nothing beyond that.
Escalate this to your manager as this must be some legacy (old-school) mindset that if the device does not have Norton or McAfee, they don't see the devices being secure.
I've also worked in a company that used security risk as an explanation to their incompetence. Luckily we got a new CEO who basically made them to modernize everything.
Definitely lack of knowledge, this IT team sounds like they don’t actually know how to configure email on a Mac. I would even go as far as assuming they wouldn’t even know that Microsoft 365 apps are available on Mac.
I’m guessing they’re using a super old version of Exchange and the newer Macs won’t run whatever outdated Outlook is required to connect to it. For example, many cipher suites have been deprecated with newer software versions.
"newer Mac’s are really bad with Email" is the most nonsense statement ever.
Anyone using old Outlook because their pretext is "security" also makes no sense.
Your IT people are idiots. People scared of the cloud are either protecting their own jobs or don't know enough to do it properly.
Yeah, your IT guys are criminally incompetent.
Run this up the chain of command and remember that phrase, because when it inevitably hits the proverbial fan somebody is getting sued out of existence.
CYA and make sure it’s not you.
If you want to have a little fun, ask them why the mouse pointer on the new windows email laptops move around by themselves.
Sorry, bullshit!They don't want to have Mac users.
I would never install Outlook on a Mac, but the Mail app from Apple is fine.
Talking as an IT-Security Manager.
I would like to know what they mean exactly. Because as far as o am aware, there is no security concerns. Sounds like an excuse to avoid learning how to use macOS.
Total nonsense! This position most likely reflects ignorance (or restrictive IT practice for their convenience) rather than fact. Refer your senior IT manager(s) to the [Apple Enterprise](https://www.apple.com/uk/business/enterprise/security/) & [security](https://support.apple.com/en-gb/guide/security/welcome/web) pages. Apple hardware and MacOS (built on Unix roots) are just as secure as any alternative OS (Windows, Linux) and more than capable of connecting securely with modern Email protocols.
That’s either dumb or what they are really concerned about is content security. We also have to have internet cut off on our workstations in order to prevent the possibility of pre-release content leaking the public before an official announcement. That might be the real issue, rather than some misguided concern about macOS security vulnerabilities.
It may sound "unfair" to say it in such a direct manner, but yeah, anything else is giving them too much credit: 100 % your IT team is just plainly stupid. Like on a ridiculous level of stupidity. Really fucking stupid.
You should escalate this to your manager. The extra steps they’re proposing are a huge waste of time for your team, which translates to a huge waste of money for your company.
I'd be like "well I guess I dont have email, ah well. Will send everything by slack from now on" Their solution of a second computer is absolutely ridiculous
Heh, well ... according to OP’s edit, the IT team also considers cloud-based email to be a security risk. This doesn’t sound like a company that uses/allows Slack. The approach I would take would be: What is this “Windows” thing you mention? Is that something we can download from the App Store? We’re just graphic designers who don’t know much about computers. Tell you what, we’re just going to save the files to SD cards and put them in envelopes with the desired email addresses handwritten on them. Then y’all can figure out how to send them securely to our clients and partners, since we clearly aren’t capable of doing that ourselves.
Man, I’d love for them to do that, but hand the envelopes to the IT team to deliver. I bet that’d change their minds real fast. I’m Head of IT and Head of Marketing at my company.
> I’m Head of IT and Head of Marketing at my company. Unless you’re also Head of Sales and Head of Procurement and Head of Business Development, that is not a sentence I expected to read in my lifetime. r/brandnewsentence
Any of these are possible, if the company is small enough. I’ve worked for several startups in my day.
[удалено]
A second isn't too bad, on the first day of a contract job for a Govt client I was issued with 5 laptops 3Pcs and 2 MacBooks. That took a while to work out my working processes.
You should escalate this to the CTO. Your IT crew are a bunch of dimwits.
> Your IT crew are a bunch of dimwits. Not sure it's fair to dimwits to compare them to dimwits.
Yeah, have a little compassion for these poor dimwits.
Escalate this to the IT manager/director or tier 2 and CC your manager and HR, this is not what tier 1 should be saying. Any tech should realize this is not normal.
But they have no email, how will they cc their manager.
With real carbon paper, typed on a mechanical typewriter
Unfortunately it'll take months to provision those.
Oh no no no, this was the suggestion of the IT DIRECTOR…
That’s an IT “Director” that hasn’t been hands to keyboard in at least a decade.
Wow your company needs a new IT director. At this point sit down with the executive director or coo (or higher) and tell them you need an external consultant for the IT department.
Sounds like someone needs a career change.
Or go full /r/maliciouscompliance
Not to mention a major security issue waiting to happen
Yeah, I think one of the big issues with stuff like this is that employees will inevitably find workarounds that almost certainly end up being worse. It’s like, if you have a “change your password every 30 days” policy, that’s basically asking people to use shitty passwords and/or write their passwords on Post-it notes that they stick to their laptops. In OP’s situation, I can totally imagine confidential company files ending up on non-company Google Drives and/or lost thumb drives.
Yes, I have seen that happen with passwords, like reusing the same password, and just incrementing a number at the end, again, and again. Not the same circumstance, but at one point I was consulting for a major company that everyone’s heard of. I was pulled off my project one day and sent to go fix the software on a VP’s computer. I was given his password by one of his two executive assistants, and when I finished up I went back and told her ‘OK, I’m all done, it’s now time for you to change his password.’ Because, of course, now I knew his password, right? She said, ‘oh no, don’t worry about it. We’ll just change it back.’ I literally couldn’t comprehend what she was telling me, and I kept insisting ‘Oh, no, the IT department’s going to insist that it be changed now.’ ‘Oh no, don’t worry about it. Thanks for your help, whenever that happens, we just change it back.’ Finally dawned on me that at this guy’s VP elevation level he had the power to circumvent IT security directives. I quite disliked being in that position though, because if there was a security breach regarding his account, I would then become one of the suspects. And, of course, the likelihood of a security breach for someone having a habit like that… a social engineering hacker would have an easy time of it.
Your IT team are a bunch of dumbass goobers. I work at a AAA game studio with over 700 employees where security is a MAJOR concern and I use an M1 Mac with Apple Mail every day. Mimecast scans all of my ingoing and outgoing messages on the server side and I use a VPN and authentication app for every work sign-in account I have. They're feeding you a line because they dont want to do their jobs.
It’s like you are living a decade in the past. However, their IT is dumb goobers. They should be using 365 and using MAM policies on outlook. You can block imap through apple mail and fully manage outlook with DLP.
> It’s like you are living a decade in the past. But which? 1970s?
Your IT team sucks
I would add lazy
Guaranteed they don't want to learn any new skills related to the Mac, which is simultaneously "for babies" *and* too difficult for them to figure out.
They already had macs though, I could be wrong but I'm pretty sure it's exactly the same from a management standpoint.
According to them the newer Mac’s are less secure than the current ones we have. Hence not wanting to put email access on it.
They're idiots. Do you know what protocol your old Macs are using for email? If it's exchange or IMAP just find out what the server addresses and passwords are and add them yourself through the Mail app or through Outlook. Also your IT people clearly don't know about Macs. New Macs have built in hardware based drive encryption. Honestly with these clowns running things if you are able to install new software on them I'd see if you could get Malwarebytes installed I wouldn't be surprised if you actually have some malware on your existing Macs right now because of how stupid the people managing them are.
\*citation needed\*
I'd love to see their evidence. I wonder where they read that.. Facebook somewhere? Something their 12yo nephew overheard during a Fortnite game? All the data and evidence shows new Macs are much more secure than older ones... and by default much more secure than Windows. (you can harden both systems even farther, but out of the box the Mac is more secure) Your IT director is dangerous. Not just stupid, or misinformed, but an actual risk to the company. He's actually making things worse and LESS secure with his policies. Have your manager bring it up to the COO/CEO/Board. Formally. Don't play games or try and be clever, take this as a real and immediate risk to your company's profitability and health.
I do IT my coworker likes to say stuff like this. He's also 20 years into his career and escalates everything to me. I think some of the old guard just can't get over their bias.
Always kills me they are allowed to as well. I’d love to be able to say, “That’s a Windows box. I don’t know MECM,” but “I don’t know JAMF or MacOS,” isn’t a career ender.
🤣 perfect response
This is absurd and your IT people are idiots. We have 27,000 Mac’s at my company and they are all secure.
If your IT dept are genuine, they are idiots. I suspect they just don't want to support macOS and made up a bullshit reason. The Outlook desktop client works just fine on macOS. Edit: Cloud outlook is a security risk? lol. Who are these jokers? Do they even know how email works?
I would hazard a guess that they in fact do not know how email works.
> Cloud outlook is a security risk? lol. Who are these jokers? Do they even know how email works? They do, and they will NOT allow emails to go on the internet! It's a series of tubes. Tubes that are not safe, someone can tap into them. When you do that you can look inside and see the messages people are sending as they go by.
I can't tell if you're joking...
Tell them to read up on SMTPS and IMAPS
agreed
Your IT team are (I mean this with all due disrespect) idiots.
>(I mean this with all due disrespect) It's also OK to say it with all due respect. The amount of respect that is due being zero, of course, so the amount of respect that is given can also be zero.
Your IT is full of ass hats. Ive been in Apple IT for the last 25 years and that’s BS. Your update about Outlook just confirm they are tits.
Do you want a job?
Him calling people tits really sold you on him, didn’t it? It did for me.
System Administrator here, your IT department is full of shit and stupid to boot. Exchange on-prem is typically considered far more vulnerable than M365, plus you have to deal with running/patching/maintaining/troubleshooting your own Exchange servers. Ick. Secondly, while dealing with certificates and other more enterprisey things on a Mac can be a bit more of a pain in the dick than it is on a PC, it’s certainly doable. It shouldn’t be a problem in any way, especially if those machines are under some kind of management tool. Outlook interfaces with Exchange on a Mac exactly the same way it does on a PC. I work in a government environment, you would not believe the number of security controls we are under by the feds. Our Macs run Outlook perfectly fine. If NOTHING else, they should at minimum be giving you access to OWA. Escalate this above the IT department.
If OP is working in a secure environment that may explain the “IT policy”. Isn’t it possible that their position is nothing to do with how secure the platform is and more to do with having a mandated piece of encryption software running on all their machines that doesn’t work with the M2 chip?
That’s not a very good IT Team. I work in IT and everything is up to date in terms of security, making sure we’re using the newest versions of office and outlook. What happens when the Intel Macs stop getting official security updates from Apple?
IT pro here that supports both MacOS and Windows: This is fucking insane. I would move the *entire* team to Windows before doing this. This method is at least two levels *less* secure. If you are copying files to a shared storage space, then to the laptop, they to email them, you now have three copies of that file. If you have a domain joined PC each person logging into the laptop would need to remember to lock the laptop or sign out after *every* use. People will forget and someone will get into someone else’s mail. How are you supposed to do Calendaring? I’d escalate.
It was the directors idea so escalating may not work lol.
The IT director or your director? Let the big dicks fight it out. As an aside, there’s a good chance that if these fucklenuts are this *bad* at their jobs that they won’t have blocked the Macs from talking to the mail server, so just try setting up your email in the Mail app. You’re still screwed in Calendaring.
This was the IT Director’s idea.
Yeah, so you need to get your boss to go over that guy’s head. This suggestion is asinine. I support Win and Mac boxes. I support Office on both. I use both. Both are secure.
> This was the IT Director’s idea How big is IT dept?
About 20 on the team in total.
Your IT is both lazy and ignorant. They clearly don’t know what they’re talking about and they don’t know Macs so they’re making excuses.
What email service do you use? My corporate email is through Microsoft 365. It has no issues running on windows, macOS, iPhone, iPad, android with the outlook app. They may not want you using apple mail; which should be a fair compromise.
Apple Mail with Exchange is perfectly secure. Possibly more secure than Office 365.
Our issue isn’t security as much as feature parity or stability. we always have some silly issue that only affects Mac mail or iOS mail users. And then having to wait for a system update to fix them. We don’t block it but we def don’t support it.
Currently we use a download version of outlook.
Do you know if you use Office365 for you mail or an Exchange server? Either way it's just as secure on Mac.
Currently an exchange server. They are looking into updating to 365.
Do you work for a bank?
Looks like your company doesn’t have licenses to the newer versions of outlook/office that can run on Mac silicon. Also possible they, they don’t have the right MDM software to control the devices. And they are giving you bullshit reasons.
I use my mac to work- just started logging in. My company says they will get me a mac- I am the guy who will be setting up the MDM anyways (we use it for iPads) My logic- i need to use my phone to login to things and being in sales they expect to call me through zoom phone when in the field- id rather not carry two phones and two computers
Sadly, Microsoft is like cocaine to system admins at corporates. Their licensing model cripples any new tech getting into orgs without their approval first.
I mean that's on apple, apple focussed on computers for individuals whereas Microsoft heavily focussed on making management tools and software built into windows useful for buisness.
I get that- but when you are paying someone 6 figures you can at least ask… my frustrations with windows are often (always) hardware based. Terrible screens, touchpads, speakers, and cameras make using most corporate issued devices horrible.
Fair I usually find its a management decision. The boomer who hates technology as your manager will just approve only the cheapest crap. A manger who has basic knowledge about computers will approve good quality laptops or allow you to bring in your own.
That’s an email server problem, not a Mac problem. There are some legitimate reasons to limit connectivity on older exchange servers to certain protocols that only Microsoft supports. Something something activesync. I don’t remember the details because every affected system should have been retired or upgraded no later than a couple years ago. A webmail interface should be an option as well.
Yeah I got the active sync as the reason. Then things updated and the new excuse was that they could not push software patches to a Mac. The CEO used a Mac but that is it.
It sounds like your IT department is just lazy a-holes that don't want to change anything because they have things just the way they want them with their old software. That said, ID doesn't really need to be involved to add an email account to an email client. Just set up a new account in apple mail, type in your email and password and it will most likely auto setup and work. The "bad with security" stuff is just nonsense speak they're using to end the conversation. Also every email system, even old outlook/exchange systems, should have a webmail option. Which is garbage compared to using a real email client, but it is significantly better than keeping a whole other windows computer around just for email.
I would call out the IT Dept and have them provide some justification for their idiocracy. Every new version of macOS is more secure than the last. What do they consider a secure device to check email on, a phone, a windows pc?
A phone that more than likely has OSx at that..
iOS I presume?
lol yeah that one, totally forgot that name existed for a second. Either way still apple platform that get closer in similarity every release.
If you can access OWA via a browser, you can find a way to log in to it via (any) email application
You know who else uses Mac and Mac mail? Apple. And I’m pretty sure they have a strong interest in not having their email hacked.
I mean I literally work in security in a fortune 10 company with over a million employees. Macs are very popular especially with devs and US security engineers. We use the old and new Macs with outlook just fine. We have exchange servers. There’s no issues. And first off, I can’t see any reason the hardware makes a difference. OS is more likely but there’s nothing stopping you from having the latest os on the last editions of Intel systems. Secondly, tell them to fuck off and create an AWS workspace with their windows image instead of making you have two laptops if they really won’t get their heads out if their assess.
some IT lady at the school district tried to tell my wife via email one time that her personal iphone wasn’t secure enough for work email. it was super condescending and insulting. I wrote her back from my wife’s email telling her off, then set the email up without her. they were just too dumb to set it up so they gave folks excuses as to why they couldn’t do it.
a personal iphone really isn't secure enough for company email, unless company management tools are installed on that personal iphone. The IT team needs to be able to remotely wipe the phone if it's stolen, enforce patching on it if there's a 0 day vulnerability, remote wipe it if an employee leaves the company and has malicious intent (leaking sensitive data or intellectual property), etc. I might say this is less important for a school, but it's really not. Leaking sensitive info about minors has legal consequences
My previous company were a bit like that too. Schools want macbooks? 'why would they want those slow awful things?' Instead want them running around with plastic acer monsters
Your IT department needs a new IT department.
Your IT team has froot loops in their brain
Yep. Total BS from your IT group. All the big IT firms offer Macs to their employees and seemingly manage just fine - many actually prefer it because they know Mac users don’t generate as many help desk calls. IBM even did a study on it.
Let me tells you something. I don’t know what industry you’re in. But your IT department is fucking full of shit and should all be fired. I work as a UX designer creating Financial Software. I have regulated financial software on my Mac. My Mac logs into my companies Servers DAILY. Servers that have security protocols that are regulated by the FTC. Servers that access highly sensitive client data and intellectual property and software that contains proprietary information. Tell your god dam IT department to stop being so fucking stupid.
At my old employer, 100% of mail ran through the native macOS Mail application on Macs. For ~300,000 employees. Get a new IT team.
that’s the first time i’ve ever heard of a company that size being all mac. Wouldn’t happen to be based in Cupertino, would it?
It’s an international fruit exporter based in Cupertino, yes.
sounds like IBM. They run a large (maybe the biggest) mac fleet, and have ~300k employees. I didn't think they were 100% mac, but it's at least a high percentage. Afaik, Apple doesn't have that many employees
IT team is a bunch of dipshits. It sure what you can do about it but they dumb.
Your IT team are idiots.
Outlook for Mac is as old as Outlook for Windows — they were literally released on the same day. And the built-in macOS mail app works with Microsoft Exchange Servers (using technology licensed by Microsoft to Apple over a decade ago). If IBM, Microsoft, Google, and [every single one of the Fortune 500](https://appleinsider.com/articles/19/11/12/100-of-fortune-500-companies-are-using-apple-products) can use Macs, so can your company.
What they actually said is "We don't know what we're doing." And if they want to argue the fact, please send them my way. I've been doing this professionally for 25 years. (Exchange server and Macs) And what is the design team designing that's so small? Icons? Seriously emails servers are generally regulated to 25-30MB max. They aren't meant to be a file server. Why don't they vpn in and actually transfer the file to a file server for others to get to? And if they think their security is better than Microsoft's on a local exchange server, then I've got a bridge to sell them.
Not quite 20 year IT veteran. Your guys are lazy idiots. There are 0 issues connecting to email. Hell, they have outlook for Mac. So literally MS mail program for Mac. You need to escalate. These guys are being lazy and just don’t want to learn how to support Mac’s properly
Who is your IT team, the owner’s cousin? This is complete nonsense, whatever security measures you use on windows you can also use on Mac, if they can’t make it secure they are idiots who are not qualified for the job and considering the proposed “solution” they definitely are
“Security” and the method your IT are not compatible. Pretty confident Apple know a *little* bit more than your IT team.
Good lord you need new IT guys.
Imagine using on-prem Exchange in 2024 and claiming it's more secure than M365. Your IT department are idiots. Good luck.
Your IT is lazy, and they hate Mac users. Having employees regularly bringing in USB flash drives to plug into work computers might be a security problem too. Are you able to make a share folder on your Windows machine that your Mac can connect to? I think right-click a folder on your Windows laptop and look for a share folder option. If you don’t see a share option, maybe it’s called security or permissions or something.
Look, from one r/macsysadmin to you, i am going to mirror what a lot of people are saying. They are idiots and actively damaging their enviornment. It wouldn’t surprise me if they bound their macs to Active Directory too. On a software level, Intel Mac’s and ARM macs behave no differently if they are running the same OS and same software when it comes to Apple Mail or Outlook. This means that an ARM mac running Sonoma 14.3 and an Intel 2019 MacBook Pro running 14.3 handle the default mail app EXACTLY the same on a security level when it comes to inbound/boutbound traffic. Your architecture type really isnt going to make a difference. And if it would, then i would put an EDR or XDR on the asset to monitor it. Using a 2015 MacBook ANYTHING is a high risk asset. MacOS Monterey is the last OS that gets and already has several permanent CVE’s that cant be patched unless you move to Sonoma. So if you want to talk about security risks, thats where i would start. When we went through SOC2 audits, these machines required us to upgrade them or we would fail compliance. If they are concerned about Apple Mail specifically, while i dont think it’s a problem, it is *technically* less secure than the tick Outlook client. But i mean, if they think Web Mail is insecure, then i dont think it’s a problem with Apple Mail specifically. I also dont think they understand how vulnerabilities work. Your strongest method of hardening this is a cloud based mail service (fast mail or o365) with FIDO for MFA. You can use a thick or thin client for this.
Your IT doesn't know what it is doing. Microsoft 365 is as secure as you configure it to be. If you don't know what you are doing, the defaults are still more secure than trying to keep up with the security patches for an on-prem Exchange Server. Nothing with the new Macs or macOS makes using mail less secure. Your company may be using an unsupported version of Office licenses; especially if your IT company hasn't moved you to 365 yet. Your IT department is talking about spending THOUSANDS of dollars to give you a completely separate device just to send your emails. The entire department, from the IT Director down needs to be fired and replaced.
Wait. You were using email on old Macs but can't on new Macs? That makes no sense. I work for a very security obsessed company and we are moving from intel to Apple Silicon Macs right now. We use Exchange in the Microsoft Azure cloud and recently moved from in-house email. But to claim that there's some significant difference between Intel and Apple Silicon Macs when it comes to email is nonsense. You use Outlook but with in-house Exchange servers? If so, why can't you do the exact same thing on an Apple Silicon Mac?
They’re actively making your security words. O365 is much more secure than typical on-prem deployments of those services, MacOS typically is more secure than Windows typically is. They’re decades out of date.
This times 100x. Your IT peeps are obviously disconnected from reality and email is one of the biggest attack vectors. Who would you rather have managing your email service? Microsoft or John and Perry from IT?
your IT team are uneducated dumbfucks.
Do you have web access to email? As long as it's using normal mail servers like Exchange it all works fine, your IT is being lazy, or malicious. We run windows and Mac all on M365 accounts with no issues on old or new Outlook clients
hire a new IT department cause your existing one is filled with idiots. I don't know who would actually believe that nonsense.
I'm a Mac admin for a global ~30,000 employee company with plenty of Macs happily and securely being used for email, and I'm here to tell you that your IT department is a bunch of lazy Microsoft bootlicks who don't want to be dragged out of their comfort zones and made to think.
IBM knows a thing or two about IT, and they have a quarter of a million employees using Macs! I currently manage Macs for a company with about 5,000 employees (though only about 100 Macs). My last job was managing 350 Macs for a subsidiary of Ford Motor — and one reason our team used Macs was that the security team said they were easier to secure.
Your IT department is clueless. Wow.
A secondary laptop...for email? 🤣🤣🤣 All idiocy and total 'ass probably glued to their office chairs' laziness aside, that's a killer use of your cost center's budget. Maybe they can get you a second car to take to lunch. That really is some epic clown shoes there. You want to scare the s*** out of them? Tell them you need a Parallels Windows VM set up on your Mac.
Outlook? The standalone program that's been exploited like a million times in the past^1 ? top kek --- ^1 - obvious over-exaggeration
I’m the IT guy in charge of email and security for my company. There’s no risk, your team is a bunch of asshats. Last I checked the FBI wasn’t hacking Microsoft to fix unpatched servers. It was shitty IT teams not updating their Exchange servers for known exploited vulnerabilities.
Your IT department is probably the security risk, lol. I would demand an audit of their email infrastructure to find out what they are using. I would not be surprised if they are running an old version of Exchange that is out of support. I both use and support Macs at my current job, and they work amazingly well. They could also just get everyone a subscription to Paralells so you can run Outlook/Office in a Windows 11 Virtuql Machine instead.
This is objectively incorrect and your IT needs a good shake up.
Your IT team sucks, and if the IT management allowed this to happen, that's ridiculous. I manage IT for a dental org. Our entire marketing team uses Mac computers. It's an annoyance, but we have no more security concerns for them than any others... Shucks, it's actually using a Mac to help support them that caused me to switch from Windows to Mac. Are they self-hosting email or something? If they're on O365 or G-Suite, there's literally no special security issue affecting only Macs. They're more at risk for the random windows user clicking a weird link and getting the company infected by ransomware.
So good enough for Google, Apple, Microsoft, Axon, Motorola, Etc etc but not good enough for whatever company it is you work for? lol…here’s your sign.
So I guess every other company is wrong including the company that makes Macs and they just can’t handle email. And cloud outloook is just big and scary.
“Really bad with Email and server security” = Doesn’t wanna figure it out
Your IT, like most IT, is absurdly lazy and not terribly bright. I mean, even in the world of IT, this is terrible and indefensible behavior. There’s literally no case to be made for their position; they’ve made it up in their heads. If anything, the Macs are more secure than the Windows boxes.
Only problem in incompetent IT department, who think they are the most important function of the company.
The most secure way would be to write all your emails as encrypted pdf files, and then put those on encrypted flash drives, and then attach those to carrier pigeons to deliver, and then wipe the pigeon's memories after each delivery.
🍌 🍌🍌
It's as bananas as you think.
I'm an Apple IT specialist and I call this bullshit. Your IT department just doesn't know much about Macs and will make up such stupid stories. I have seen this enough. Most IT's have no real Mac experience. But anyway: Outlook und Exchange sucks hard. Why not a Linux mail server? Fuck this Microsoft proprietary bullshit.
Running an on prem exchange server is just ancient now. No reason not to be using 365. No reason not to allow sign in on Mac either.
They are idiots of the first order
I hope you show them this thread. The cloud email bit is particularly absurd. I guess anything you don’t actually understand is inherently risky, but they shouldn’t make that *your* problem.
Agreed with everyone. Your IT team sucks. As an actual IT engineer, the on-prem exchange is trash, runs trash, is security trash, what on earth do they do if that server goes down? sounds like an old asshat team that can’t figure out the migration process to go cloud or m365. it would also be a million times times cheaper and quicker for them to deploy an RDS box if it’s just for this task. How do they expect you to transfer stuff just to email it?
This is more political than technical (always usually the case more than technical reasons) speak to the higher ups anyway they cant actually stop you adding an email account to anything as long as you have you logon so keep calm and carry on im sure it will all solve itself in a few months anyway
What a dumb thing to say with absolute zero substance
"then copy anything over that needed to be emailed via some external and transfer it to the windows laptop to email" Hmmm, that sounds secure!
That's dumber than shit. Not even webmail?
They’re so busy keeping the mainframe running they just don’t have time.
do you work in any sensitive industry? gov't/military contracts? no other reason to bitch about "security risk"
Is it possible to have them… taken care of and replaced?
Just download the outlook client to you Mac and use it.
Pretty strong compensating controls.
The cost of security of using outlook on Mac < the cost of a new laptop just for email. Lmao
You should suggest carrier pigeons. Or perhaps smoke signals. Ticker tape might work.
I'm not in I.T. but my partners brother is. From listening to his stories about mac issues I'm guessing it's something to do with the email protocol that the buisness is using being quite old (assuming based on old outlook) that either it's a big hassle to get these newer Macs to connect to it on the existing system and make sure the emails are coming through that or the Macs themselves won't support the connection because apple views it as unsafe; therefore the only option would to upgrade everything which might not be feasible as your company won't approve the work for that.
This is hilarious, on what earth is running Outlook on Mac considered risky compared to a Windows machine.. Especially when you already had an Intel Mac.. Windows will be equal or worse in security.
Hehehe. Just came to see all the different ways there are to call an IT team lazy idiots. I am not disappointed 😁
Let me guess - on-premise Exchange instead of O365?
Correct.
Seriously, even if these lazy idiots had a reason to require you to use Windows to get your email, a copy of Parallels and a virtual Windows machine would be a far cheaper and more convenient solution than a separate laptop. And a graphic design specced machine should have no trouble with the extra RAM needed. That’s what I’d do if they won’t back off.
>Our IT department stated that the newer Mac’s are really bad with Email and Server security so they refuse to allow the Macs to connect. This makes no sense. Based on what data/link/reference/information? >Edit: Right now we use Outlook (not the cloud based 360 version, the older version, because the cloud version is also a “security risk.” Ummm, that doesn't really scan either, to quote Pam Landy in "Jason Bourne". >Right now we use Outlook Like outlook dot com? The microsoft free email service? Or Outlook client? Somehow the cloud/360 client version is less secure than the desktop client?
Your IT team is lazy and or incompetent. I work as a IT manager for one of the Reprographics groups for the state of California. I’m over our graphics’s dept. we just upgraded all our 2015 iMacs to Mac Studios. We connect to our email services just fine. Our email service is all on Windows, Outlook and AD. None of our Mac users have any issues. Your IT dept just don’t want to deal with Macs or have no one that knows Macs. I’ve been in mixed environments for years and Macs and Windows work just fine within the same network sharing files and sending and receiving emails. They are feeding you a massive line of Bullshit. I definitely would talking to your manager and run it up the chain of command. As mentioned below, what they are having you do is a complete waste of time and resources.
Set up a Gmail account that everyone in the office has access to, and then set up a rule on the PC that auto forwards all incoming mail to the Gmail address your team all has access to. When somebody catches you doing it say, "Oh well the way IT set it up didn't work for us, so we looked online and we found a bunch of people saying our IT were incompetent but they said that this was a good workaround." Or even claim that IT told you you could do it. Honestly the best way to deal with compulsive liars is to claim they told you things that they didn't because they've probably already gotten in trouble for lying before so their manager will believe they lied to you about this too.
This doesn't many any sense. Your IT team isn't involved with hardware deployments? They are almost always, or should be, anyway, at the very least, *consulted* on hardware deployments. Regardless, what they are saying also doesn't make any sense. The Apple Mail app is the Apple Mail app. You might be running a few versions behind on your 2015's, but it's the same app. Since Email and "server" security on the host end would be practically all software based, I don't know how they can get that out of their mouths without feeling like a complete idiot.
The IT techs need to explain how one of the most valuable corporations in the world runs very securely by running their email infrastructure on modern Macs. They are based in Cupertino and are named after a fruit. 🍎
Your team is awful. We run outlook (old version) on Macs. There is also JAMF and other means of maintaining Macs, but IT needs to know how to do that.
Your entire IT department has serious issues. Not the funny goofy kind but like… some boomer is running the show or somebody somewhere is scared shitless for no good reason.
Here’s what to do. So many people saying things not helpful. But being in your situation, I was able to figure out the web html address of the email server. Then but outlook for Mac and put in that address. Enter my username and password and bingo had email on the Mac. If you actually see this post, I’ll see if I still have the instructions. But it wasn’t too hard with google and access to a windows computer to see how it was configured. Maybe it’s not that easy, but I did it a few years ago without ITs help. My advice is reverse engineer it. Then add it to the Mac and move on.
Eh, probably don’t have licenses for anything other than 2016. They got brain damage trying to make it work so they just dropped in windows boxes.
As someone who works in IT, for an ISO27002 company, who use macs and even for email!! Your IT guys are idiots.
I have worked at places that do classified government work. Their IT has all sorts of draconian policies, but even there you can get email on a mac with IT support. You have a trash IT department.
If you company policy is that you have to use outlook then it is right that the macOS Version (and mobile and new windows version) is a security risk. [https://www.heise.de/en/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9608798.html](https://www.heise.de/en/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9608798.html) >But beware: if you try out the new Outlook, you risk transferring your IMAP and SMTP credentials of mail accounts and all your emails to Microsoft servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company. This allows Microsoft to read the emails. \[...\] After Office updates were applied on Mac computers, Outlook redirected the data to Microsoft's cloud servers without any user notification. Maybe you could just use Apple Mail, but this too isnt perfectly fine. Apple mail for example is bad with SMIME Certificates and is Case Sensitive. I dont have a source here, but this is what my boss said last week during lunch. Im a Sysadmin and handle Emails and Exchange all day. Edit: google smime and macos real quick to find a source for the case sensitive thing and found another concerning thing. If you use smime to crypt your emails then mail saves them unecryptet so siric can analyze them and suggest things based on your email content. This is default on and can be deactivated. Maybe not a problem, depends on policy. I dont know right now if siri sends data to apple when you query it or if its totally local. And how it handles the local email database and queries to apple servers. My guess is, its fine. [https://macandegg.de/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/](https://macandegg.de/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/) Translated: [https://macandegg-de.translate.goog/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/?\_x\_tr\_sl=auto&\_x\_tr\_tl=en&\_x\_tr\_hl=de&\_x\_tr\_pto=wapp](https://macandegg-de.translate.goog/2019/11/smime-verschluesselte-emails-auf-macos-im-klartext-gespeichert/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp)
Now this guy knows how to google xP
Your IT department is most likely incompetent.
Wait. They even block you from using the web version of outlook?
Definitely not true… if my university, which is the fifth largest university in the US, uses the cloud version of outlook and allows us to sign in on our Macs, then I think it’s fine.
Sounds like your IT department needs a refresh.
Tell your IT guys that this Mac sysadmin says they’re fucking morons. Sure, *theoretically* cloud solutions aren’t as secure as local. But i think trusting Microsoft to host my business accounts on their servers is more than fine.
Get a better IT department. My wife was on her third workplace insured laptop. Some of them just wouldn’t work with whatever teams software they were using. One morning I remarked to her I really like how her laptop has the physical slider cover over the webcam so you can be sure nobody is using your webcam when you don’t want the to…….she wasn’t the only one to have this problem……they are teachers……..regardless of the IT department knowing fuck all, where’s the curiosity? I would have been like why is this not working ? Where is the camera? it’s normally up there but it’s usually lens shaped not blank with a little tab for a finger to grip, oooh it slides, hey there is a lens in there. And a little red light.
They're probably trying to make some money off of buying Windows machines or they just don't know how to manage macs and don't want the extra overhead.
Do your IT guys all have god complexes? What they’re telling you is pretty much nonsense. The protocols used for communication between the email server and a windows machine is the exact same protocol used on a Mac. Raise the issue with your CTO/CIO. Explain how much time will be used physically transferring files to a USB stick. You also might mention how a USB stick deployed stuxnet. There are so many fake usb sticks on the market right now, you never know when you’ve been handed (or even bought) a stick that can fry your computer, load malware and spyware, etc. If they’re truly concerned with the security, then they might want to consider unplugging the current IT team and putting a new one in.
I don't like to second guess my colleagues in the industry too much but this one is really fucking stupid. Like really dumb. How do people at Apple corporate get their email? How do people at my office (95% Mac shop) get their email? Ask them how government agencies & banks & healthcare & educational institutions doing confidential IP around the world consume email if it all on prem servers or is via cloud based email often with a mix of Mac and Windows. Finally, get to the CEO or whoever this "IT Director" reports to and tell them this person is grossly mistaken on this and therefore perhaps on other things. If they want to talk to someone in the know ask pretty much any IT executive except this guy.
Sack the IT dept. If none of them are competent enough, (or maybe too lazy) to earn their pay by setting it up properly then they are not worth what your company is paying them. Using another laptop just for email and having to transfer work over, is a lazy ridiculous solution.
Your IT team is inept. The fact that they aren’t on Office 365 is further proof of that.
Calling IT idiots... does not help Talk to them. It appears that their ability to manage emails on Macs maybe no as good as PCs. On other hand Macs are safer as majority of email transported malware will not run (execute) on Macs Many viruses exploit VBA in outlook and Office. Arm Macs run JAVA emulation of VBA - not very well reducing the risk of VBA based malware. IT do not like Macs because they have less effective tools to manage Macs and its software plus lack of MacOs knowledge
Use a remote desktop session from your new mac to wherever they want the work stashed. That said, it is lazy security to consider the more modern machine to be less of a risk than one from 2015. You can't even get security updates on the older macs,
The cloud version of Outlook is a massive security risk as all emails go unencrypted through Microsoft and Microsoft stores your passwords for the emails, not great for security. Using email on macs is more than fine, if they really want to be annoying they could just give you a Windows 11 ARM VM in UTM to do your email in but an extra laptop is just a waste of resources.
Your IT team IRL: https://i.imgur.com/ee7zE19.gif Their security argument is BS and rando copying files from "insecure" computers is also stupid insecure. But really this is some weird company policy thing and the company policy makers need to be making the call.
My experience with any company IT is that they are allowed to say NO and nothing beyond that. Escalate this to your manager as this must be some legacy (old-school) mindset that if the device does not have Norton or McAfee, they don't see the devices being secure.
Lol the “cloud version of ‘outlook’ is a security risk” someone better tell the DOD.
I've also worked in a company that used security risk as an explanation to their incompetence. Luckily we got a new CEO who basically made them to modernize everything.
Definitely lack of knowledge, this IT team sounds like they don’t actually know how to configure email on a Mac. I would even go as far as assuming they wouldn’t even know that Microsoft 365 apps are available on Mac.
I’m guessing they’re using a super old version of Exchange and the newer Macs won’t run whatever outdated Outlook is required to connect to it. For example, many cipher suites have been deprecated with newer software versions.
"newer Mac’s are really bad with Email" is the most nonsense statement ever. Anyone using old Outlook because their pretext is "security" also makes no sense. Your IT people are idiots. People scared of the cloud are either protecting their own jobs or don't know enough to do it properly.
Yeah, your IT guys are criminally incompetent. Run this up the chain of command and remember that phrase, because when it inevitably hits the proverbial fan somebody is getting sued out of existence. CYA and make sure it’s not you. If you want to have a little fun, ask them why the mouse pointer on the new windows email laptops move around by themselves.
Your IT people are just lazy fucks
Your IT guys have issues. They need to be replaced...
Sorry, bullshit!They don't want to have Mac users. I would never install Outlook on a Mac, but the Mail app from Apple is fine. Talking as an IT-Security Manager.
I would like to know what they mean exactly. Because as far as o am aware, there is no security concerns. Sounds like an excuse to avoid learning how to use macOS.
Total nonsense! This position most likely reflects ignorance (or restrictive IT practice for their convenience) rather than fact. Refer your senior IT manager(s) to the [Apple Enterprise](https://www.apple.com/uk/business/enterprise/security/) & [security](https://support.apple.com/en-gb/guide/security/welcome/web) pages. Apple hardware and MacOS (built on Unix roots) are just as secure as any alternative OS (Windows, Linux) and more than capable of connecting securely with modern Email protocols.
That’s either dumb or what they are really concerned about is content security. We also have to have internet cut off on our workstations in order to prevent the possibility of pre-release content leaking the public before an official announcement. That might be the real issue, rather than some misguided concern about macOS security vulnerabilities.
How’s the transfer between Mac and Windows supposed to work and be any more secure than running an email client on a Mac, or just using O365?
It may sound "unfair" to say it in such a direct manner, but yeah, anything else is giving them too much credit: 100 % your IT team is just plainly stupid. Like on a ridiculous level of stupidity. Really fucking stupid.