OCD Tech

Top 10 Mac OSX Security Tips

July 10, 2017 Posted by Keith Gosselin Cybersecurity, IT Security

The Apple Mac OSX platform is not immune to viruses and malware. Here are the top 10 OSX security recommendations:

  • Install Updates, Patches and Security software.
    • Enable Auto Update and use the set-it-and-forget-it approach. Of course, you will need to check it occasionally to ensure it is working and that your Mac OS is running the latest and sometimes greatest version.
  • Ensure a software firewall is installed or the default firewall is enabled
    • A basic step in securing any Mac, or any computer in general, is enabling the firewall. The firewall helps to block incoming network connections that you have not allowed. Often the firewall is not enabled by default. Enabling it is rather simple and should be one of the most important things you do. Click on the Firewall tab in the System Preferences > Security & Privacy pane. Click the padlock icon at the bottom left to unlock system settings and then click the Turn On Firewall button. Click on the Firewall Options button and, in the dialog box that appears, click the Enable Stealth Mode box. This step means your computer will be almost entirely invisible on public networks, such as shared Wi-Fi in a local coffee shop of your choice.
  • Make sure passwords are enabled
    • There are three settings here that are important. The first one allows you to set a password for your account, assuming, of course, you have not already done so. You should have a password without a doubt. The second one allows you to require a password to unlock your Mac when it goes to sleep or the screen saver kicks on. If you work in an office, this setting should be turned on and controlled by your network administrator or IT staff. You can specify how long the Mac waits before the screen saver kicks on and the password is required. Choose a time setting that makes sense to you. 20 minutes is the recommendation from the Center for Internet Security. Finally, be sure to disable automatic login.
  • Configure FileVault
    • The FileVault tab is under the System Preferences > Security & Privacy pane. Turning it on encrypts your entire hard drive. There are so many data privacy laws out there now that it is simply not worth the risk to leave your drive unencrypted.
  • Manage Privacy Settings
    • The Privacy tab is under the System Preferences > Security & Privacy pane. Its settings are listed in the window on the left of the pane. The Location Services tab controls which apps have access to your location data. You can switch Location Services off completely if you so choose, or prevent individual apps from accessing data. If you’ve added your various social media accounts to Safari, you can control which apps have access to those accounts here. Safari has its own Privacy settings that must be configured. There is also a feature to clear history and website data (Clear History and Website Data). Under Preferences, the Privacy section allows you to prevent websites from tracking you and to choose which sites can store cookies on your Mac. Location data can also be made available. If there is a concern about storing usernames and passwords inside Safari, uncheck the Auto Fill and Passwords sections.
  • Make sure you know what you are sharing
    • Your Mac can share files with other computers including sharing the whole screen to facilitate remote working. It’s important to turn off the sharing service if you do not have a specific need for it. Under the System Preferences tab click the Sharing icon. Look at the list on the left, and look closely for any checks in the boxes beneath the heading
  • Enable the Firmware Password
    • Apply a firmware password. Unlike a PC’s so-called BIOS password, the Mac’s firmware password prompt will only appear if someone attempts to boot your Mac in a non-standard way, such as via a USB stick, or if they try to boot to the Recovery Console. The Recovery Console is where you’ll need to activate the firmware password. Restart the computer and, just before the Apple logo appears, press and hold down Cmd+R. When prompted, click on the Utilities > Firmware Password Utility option.
  • Install and configure an Anti-Malware application
    • Although there is more malware targeting Macs these days, it is still nowhere near the amount that Windows users face. OS X already features a powerful, always-running yet invisible anti-malware tool called XProtect. You should occasionally fire up an app like Malwarebytes Antimalware, which simply scans through your files to uncover malware.
  • Enable Two-Step Authentication
    • Two-step or two-factor authentication is a system whereby your login to services or websites requires more than just your username and password. It requires an additional numeric code. This two-step code is usually sent to you via a text message or phone call. We recommend you set it up because it presents an additional challenge to hackers trying to gain access to your account. Services such as Google’s Gmail have this feature, but it must be enabled before you can use it. You can enable it for Microsoft services and sites as well, and for Dropbox. These services are just a sampling of those offering two-factor or two-step authentication. Not all sites or services offer two-step verification. Check the help sections of the service sites you use to see if this is an option. Though there is a slight inconvenience to the end user, the peace of mind it provides outweighs the inconvenience.
  • Applications
    • Going back to the System Preferences > Security & Privacy pane, under the General tab towards the bottom of the page are three options relating to which apps can run on your Mac. The safest, but most limiting, option is to only allow apps from the App Store to run (if you are a novice we would recommend this option). The least secure is to allow apps from anywhere (not recommended). The middle option is an acceptable one, allowing you to run apps from the App Store and from developers known to Apple.
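
Several of the settings above (firewall, FileVault, automatic login, firmware password and the allowed-apps option) can also be spot-checked from Terminal. The script below is an added example, not part of the original post; the function names are its own, and the matched strings are the tools' usual output, which may differ between macOS releases.

```shell
#!/bin/sh
# classify CHECK OUTPUT -> prints PASS, FAIL or UNKNOWN for one tool's output.
classify() {
    case "$1:$2" in
        firewall:*"Firewall is enabled"*)     echo PASS ;;
        firewall:*"Firewall is disabled"*)    echo FAIL ;;
        filevault:*"FileVault is On"*)        echo PASS ;;
        filevault:*"FileVault is Off"*)       echo FAIL ;;
        gatekeeper:*"assessments enabled"*)   echo PASS ;;
        gatekeeper:*"assessments disabled"*)  echo FAIL ;;
        firmware:*"Password Enabled: Yes"*)   echo PASS ;;
        firmware:*"Password Enabled: No"*)    echo FAIL ;;
        autologin:*"does not exist"*)         echo PASS ;;  # key absent: auto login is off
        autologin:?*)                         echo FAIL ;;  # a username is configured
        *)                                    echo UNKNOWN ;;  # tool missing, no rights, new wording
    esac
}

# run_check CHECK -> runs the macOS tool for CHECK and prints its output.
run_check() {
    case "$1" in
        firewall)   /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate ;;
        filevault)  fdesetup status ;;
        gatekeeper) spctl --status ;;
        firmware)   firmwarepasswd -check ;;  # Intel Macs only; needs root
        autologin)  defaults read /Library/Preferences/com.apple.loginwindow autoLoginUser ;;
    esac 2>&1
}

# audit -> one "check: RESULT" line per setting.
audit() {
    for check in firewall filevault gatekeeper firmware autologin; do
        out=$(run_check "$check") || true
        echo "$check: $(classify "$check" "$out")"
    done
}

if [ "$(uname -s)" = "Darwin" ]; then
    audit
else
    # Not a Mac: classify one constructed sample output instead.
    echo "filevault (constructed sample): $(classify filevault 'FileVault is Off.')"
fi
```

Treat UNKNOWN as "check by hand in System Preferences" rather than as a pass; the firmware check in particular reports UNKNOWN unless run with sudo on an Intel Mac.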
About Keith Gosselin

Keith is an IT Senior Auditor
