Harden Your Mac Security With These Steps


Do you worry about hackers, viruses, and malware? You can quickly improve your Mac security with these basic steps. Most tips only require the built-in Mac security tools found in macOS.

1. Turn on FileVault

FileVault is a whole-disk encryption system. It wraps all the contents of your disk in an layer of encryption. This means that even if attackers have access to your physical hard drive, they cannot decrypt the data without your password.

FileVault is turned on by default in all new Macs. But if you have an older Mac, or you used a Time Machine clone to copy your Mac’s files to your new machine, FileVault might not be turned on. You can adjust this under the “Security & Privacy” pane in System Preferences.

2. Choose a Complex Login Password and Use It

While this tip is most important for users with laptops that travel, it’s a good tip for everyone. Using FileVault won’t matter if your password is “password.” This setting is also found under the “Security & Privacy” pane in System Preferences.

Of course, that password doesn’t do any good if you don’t use it. Make sure you set your computer to require the password as soon as it sleeps. If you use a desktop Mac, get it the habit of manually sleeping your computer to ensure it’s always protected. Also disable auto-login and ensure you’re setting your Mac to sleep after a few minutes of inactivity as a fail-safe.

3. Use a Password Manager

These days secured personal data doesn’t tend to exist on your Mac’s hard drive. Instead, it lives in the cloud, in social media accounts, and in remote backups. Unless secured with a complex and unique password, that data is vulnerable to silent, remote extraction.

Download a password manager like 1Password and get started using it right away. Use the password generation tools to replace duplicate or simple passwords with long and complex ones. Also, turn on two-factor authentication for any accounts that support it.

4. Employ Extra Encryption

For highly confidential documents, you’ll want to encrypt them separately from your whole-disk encryption scheme. 1Password actually offers the option to upload up to 1 gigabyte of files which are secured with the same method that protects your password. You can also use stand-alone encryption software like Encrypto. For the thinnest but most convenient layer of security, you can set passwords on PDFs with Preview.

5. Use Find My Mac to Wipe Remotely

Turn on “Find My Mac” under the iCloud System Preference pane. This uses your Mac’s Wi-Fi connection to keep track of its physical location. If the device is lost or stolen, you can find out where it is.

This will also enable you to remotely wipe your Mac if it ends up in the wrong hands. Even if you can’t recover the device, you can make sure information doesn’t wind up in the wrong hands.

6. Ensure Your Firewall Is On and Enable Stealth Mode

By default, your Mac’s software firewall should be on. But just in case you’ve turned it off, take a look under the Firewall tab of the Security & Privacy pane. You can also use third-party firewalls like Little Snitch that offer more complex protection.

You can enable additional protections by turning on stealth mode. This stone-cold preference name keeps your computer from responding to network probing applications like ping. You can find the setting under the “Firewall Options …” button of the Firewall pane, down towards the bottom.

7. Turn Sharing Off Until You Need It

If you use your Mac on a home network frequently, you might have file sharing turned on. If you ever use your computer on a network you do not completely control, you need to turn that off.

It’s best to turn “Sharing” options on only when you need them. This includes File Sharing, Printer Sharing, the whole shebang. It’s better to close up all potential ports when you’re on a public network than risk an unexpected intrusion.

8. Limit Airdrop

By default, Airdrop is limited to contacts only. You may want to turn off Airdrop completely if you don’t use it. But definitely never set it to “Everyone.” That would allow someone to send any file to your Mac with only one dialog box to prevent it. Click inc0rrectly, and you’ll have who-knows-what on your computer.

9. Secure Your Network Activity

Your Mac isn’t just about its hardware. It’s also about the networks that your Mac connects to. Poorly secured routers can often be a vector for attack.

Make sure you’re using the most up-to-date firmware for your router and that you use a secure and complex password. If you give your password to any guests, change the password as soon as they are done.

You can further secure your online activity with a VPN. This will encrypt your network traffic, preventing prying eyes from checking in.

10. Encrypt Your Backups

Any smart computer user will have a backup system. But if your backups aren’t as secure as your main drive, they represent a vulnerability. Make sure you encrypt your Time Machine backups under the Time Machine preference pane. Also make sure you encrypt any other backups you have, whether cloned disk or web-based backups.

11. Don’t Use an Admin Account

We’ve previously covered the Mac security problems with using an administrator account as your main account. If malware is installed on your computer, it can do anything your user account can. While it’s slightly inconvenient to use a standard account instead, it’s worth the improvement in security.

Honorable Mention: Use a Software Firewall And Malewarebytes

This doesn’t come with your Mac, but if you’re serious about Mac security, you’ll want an additional firewall. A tool like Little Snitch will monitor your network activity around the clock. You’ll have the option to select how every process on your computer connects to the Internet. This is tedious at first, but it improves your Mac security enormously.

Malewarebytes can also constantly scan your Mac for any malicious software. This major improvement in Mac security comes at a fairly low cost. And even if you don’t buy the software, the on-demand scanning of your system is always free.

Conclusion

Use the security steps that are necessary to compensate for your level of risk. Very few of tips will interfere with the normal operation of your Mac. You’ll be more secure without being bothered by it.

You might like the following posts:

Why Your Admin Account Could Be A Security Risk
Do Macs Need Antivirus Software?
Getting Started with Mac Encryption
Using PGP Email Encryption on macOS

Alexander Fox

0 Comments

Your email address will not be published.