A knowledge base article about Mac OSX Security Compliance provided by the UC Berkeley IT Service Hub - Knowledge Portal
Any Mac OS version 10.9 or older must be updated in order to comply with Information Security and Policy's (ISP) Minimum Security Standards for Networked Devices (MSSND). ISP will begin sending out notifications on April 1, 2016 if a Mac has OS 10.9.x or older https://security.berkeley.edu/faq/isp-security-notices/operating-system-unsupported. It's important that you upgrade your software before April 1, 2016. If you do not update in a timely fashion, your computer may be blocked from the network, ceasing all internet access on Campus.
How to check which version of OSX is installed on your device:
- Click on the Apple in the upper left corner
- Select ‘About This Mac”.
- Yosemite (v. 10.10) or El Capitan (v. 10.11) means no upgrade is required.
- An older OS version such as Mavericks (v. 10.9) or any Big Cats (Lions, Leopards, etc), means that you must upgrade.
Here are some options on how to upgrade:
For CSS-IT Managed Devices:
- Use Self-Service, following the instructions in this video: Upgrading OS X to El Capitan
- Contact Campus Shared Services IT (CSS-IT) at itcsshelp@berkeley.edu or our webform “Submit a Ticket”. We would be happy to personally walk you through the process.
- If you’d like to upgrade to El Capitan yourself, please visit the OS X El Capitan page on the Mac App Store. Click the download button and follow the onscreen instructions to begin your upgrade. You can find detailed instructions on the Apple help site: http://www.apple.com/osx/how-to-upgrade/.
We also recommend upgrading to the Berkeley Desktop (https://desktop.berkeley.edu/mac-os-x) to recieve single-button self-service installations of Berkeley licensed software (MS Office, Adobe Suite, and more), desktop antivirus, and automatic updates and patches for OS X and applications. Contact us for more details.
For Non-CSS-IT Managed Devices:
- Contact your Local IT Department
For Personally Owned Devices:
- Visit the OS X El Capitan page on the Mac App Store. Click the download button and follow the onscreen instructions to begin your upgrade. You can find detailed instructions on the Apple help site: http://www.apple.com/osx/how-to-upgrade/.
If you do not upgrade your Mac OS before April 1, you will receive a vulnerability alert from ISP. This can be avoided by upgrading your software before April 1.
- If you have registered the device for DHCP, you may receive an email from ISP
- An ISP email will have a subject such as: [ISP #1999999] 128.32.xxx.xxx Vulnerability Detected
- Reply to the ISP email with how you intend to remedy the vulnerability. Examples:
- I will upgrade my computer and let you know once the upgrade is complete
- Please add CSSIT to this request and have them contact me. I will need help to upgrade my computer (include your name, location, phone #, email) Note: Do not forward the email to CSSIT, ISP will do that at your request.
- It is key that you respond to any email from ISP. Let them know your course of action and when it has been completed so they can rescan your workstation.
- If you do not receive a receive a vulnerability alert from ISP, but one has been issued for your device
- CSSIT will do their best to track-down the corresponding device and it’s user/owner and attempt to assist in upgrading the OS
- If your device ceases to connect to the Campus Network, it is possible that it was blocked, contact the CSSIT Service Desk at 510-664-9000, opt. 1
- In some cases the OS cannot be upgraded
- If the computer hardware is too old to upgrade the OS to the current version, El Capitan v. 10.11.x, you may need to replace the computer.
- CSSIT Provisioning and Procurement can assist you in determining the models that are available for purchase. CSSIT can also assist you with the purchasing process, delivery, and setup.
- If you are running other software that requires an older version of the OS, you may request a temporary exception from ISP.