Security threats abound in today’s digital world, and Macs are not immune to them. Here are a few tips to help make your Mac as secure as it can possibly be.
Use two accounts rather than just one
Create a standard account (non-admin) for use in everyday activities. Only use your administrator account to install software and perform system actions. This will strengthen your system’s security.
Turn on FileVault
Apple’s FileVault encryption is a powerful tool that will protect your data even if your system is compromised. It will automatically encrypt the contents of your Mac until you use your login password or a recovery key to access the data. It’s available from the Security & Privacy System Preferences menu. You should also ensure that your backups are encrypted and password protected, whether you’re using Time Machine or a cloud service.
WARNING: With FileVault enabled you will need your login password or a recovery key to access your data. If you forget both your password and recovery key, your data will be lost.
Choose safer security settings
There are a few settings you can tweak to enhance your Mac’s security.
- Go to the Apple menu and select System Preferences
- Click on the Security icon
Here you’ll find a range of security options you can tweak, turn off or on to give you more control over your Mac’s security. You can enable your Mac’s built-in firewall here, to make your Mac less visible on public networks.
Turn off Spotlight Suggestions
Spotlight can offer you suggestions from the internet, but if you’re not careful it can also leak your private information back to Apple and other third party providers. Turn this feature off by opening System Preferences, choosing Spotlight and deselecting Spotlight Suggestions. Easy!
Don’t share your location with every app
Location services require you to swap privacy for convenience, by allowing Spotlight and Siri to offer suggestions based on where you are. While these are fairly harmless, you don’t want unscrupulous criminals to be able to take advantage of these services for their own ends. Don’t use it if you don’t need to.
- Avoid clicking links from people you don’t know.
- Never download or install software unless you absolutely know where it’s from and that it is a trusted source.
- Prevent cross-site tracking and ask sites you visit not to track you
- Block all cookies and review what data sites have about you that is held on your system
Keep up to date with software updates
Apple periodically distributes software updates that correct problems and it’s wise to install these updates as soon as you can after you receive notification. You can set your computer to automatically check for updates as well.
Use strong passwords
Use strong passwords that are not easily crackable and use different passwords for each site. Using Apple’s Keychain Manager or a password application such as Dashlane makes this process a breeze.
Use two-step verification everywhere you can
Yes, it’s a bit painful, but the benefits to security achieved by this extra layer of protection outweigh the few extra seconds you have to spend logging in.
Be wary of public Wi-Fi
Never use public Wi-Fi to access a confidential service such as your online bank or superannuation account. It’s just not safe and secure.
Use a disposable email address
Create a disposable email address that you can use to sign up for websites and services. This will reduce the amount of spam you receive to your primary email address. iCloud makes it easy to create an email alias for this purpose. Do this:
- Enter your Apple ID into iCloud
- Select Mail and tap on the gear icon
- Choose Preferences, then click Accounts
- Select Add an alias and enter an alias for that address
- Click ok to create the alias
Run a two-way firewall
Inbound and outbound firewalls are both necessary for protecting your Mac against particular kinds of attacks. Implement multiple layers of protection by turning on two-way firewall. Go to System Preferences, Security & Privacy, and choose the Firewall tab. Enable the firewall by choosing Turn on Firewall, and you can choose which apps can receive inbound connections.