- > Security and privacy settings
- > Check privacy settings
- > Activate the firewall
- > Configure Safari privacy
- > Use a strong password
- > Printer sharing, login and remote management
- > Application download preferences
- > Apply password to the firmware
- > Activate FileVault
- > Enable guest user
Maintaining the privacy and security of the data has become extremely important to everyone, but there should be no less relevant to ensure security on your Mac. This is why we have prepared this article of tips and tips to strengthen your Mac’s security.
For some time now, apple ecosystem has become more attractive for cyber attackers, due to which we are facing all other threats and weaknesses in the form of malware, viruses, adware, ransomware or phishing. .
Apple is aware of this new situation, for which he has chosen to implement new equipment, such as incorporating Secure Enclave Copprocessor of Apple T2 Chip in the new iMac Pro and MacBook Pro models.
This is the basis of the same chip Touch ID, which allows secure startup and advanced encrypted storage capabilities. But these developments have been given by the most modern Macs. What happens to the previous ones?
And that in general, users pay little attention to security settings or none, which by default provides us an operating system like macOS. After this, we offer you a whole range of tips and tools that you should check on your Mac.
We recommend that whenever Apple releases a security update, then you upgrade to your version of MacOS, such as resolving the vulnerability found in the operating system on January 22.
In the event that your computer does not support macOS updates, it is interesting to use such applications as Hider 2, a complete tool developed by MacPaw that allows you to hide or encrypt your Mac’s data.
Encrypto for Mac and Windows platforms is also valid for developers, with which it is possible to add the encryption type AES-256 to a file, which you will share with other users for securely sharing on the network.
Apple usually responds quickly to the presence of any type of threat, and sometimes it may be necessary to make any kind of change. With Mac CookieMiner malware, Chrome recommends clearing the browser cache after logging into your bank account.
Below, you will find a full range of tips to protect your data, your privacy and your device and its connection, which will make your Mac safer than ever before.
Security and privacy settings
Let’s start with the most basic Mac settings that you should check to make sure the security is transparent. To familiarize yourself with the controls, access your Mac’s ‘Security and Privacy‘ panel located in ‘System Preferences‘.
- Open ‘System Preferences‘. You can access from the Apple menu located at the top left of your screen.
- Click on ‘Security and privacy‘.
- You will see the tabs of ‘General‘, ‘FileVault‘, ‘Firewall‘ and ‘Privacy‘.
- To change any of these settings, you must click on the padlock at the bottom of the screen and enter your username and password.
If you have an administrator account, you can make changes that will affect the entire Mac. Otherwise, they will only apply to your account.
Activate the firewall
The first step to protect any Mac is to enable firewall, which blocks any unwanted incoming network connection. You might think that the firewall is enabled by default, but often it is not.
Fortunately, it’s very easy to enable and we show you how to do it on your Mac.
- Click on the ‘Firewall‘ tab in the ‘System Preferences> Security and Privacy‘ panel that we just opened.
- Click on the padlock icon located in the lower left to unlock the system configuration (you must enter your login password). 3. Click on the ‘Activate Firewall‘ button.
- Then, you can access ‘ Firewall options ‘ and in the dialog box that appears, click on the ‘Enable covert mode‘ box.
- Then click on the ‘ Firewall options‘ button and, in the dialog box that appears, click on the ‘Enable invisible mode‘ box. This last step means that your Mac will be practically invisible to public networks, such as the shared wifi connection in a bar.
- Using the ‘+‘ symbol you can access a complete list of applications and services that can receive incoming connections. To add one to the list, try running an application.
It is important to note that the MacOS firewall, however useful, provides only limited protection against malware. It only protect incoming traffic. Your work is limited to monitoring which applications and services can be accepted as incoming traffic.
Thus, it does not provide any control over outgoing connections, that is, the applications and services that start new connections. If, for example, your computer has a piece of malware, then the OS X Firewall will not prevent you from connecting to the Internet.
Fortunately, there are third-party applications offered by large manufacturers of antivirus systems, which have anti-malware tools to work effectively.
Check our article about How to know which Wi-Fi frequency does your mac use: 2.4 GHz or 5 GHz?
Use a strong password
If we go back to the first tab of ‘Security and Privacy‘, then we have the option of ‘normal‘. Here are three aspects to which you should pay special attention.
The first is that which allows you to set a password for the account if you have not already done so, or if you think necessary, change your password. You must already have a password.
Here you can check or uncheck the option to shut down the computer or to activate the screen saver, or to unlock the Mac to unlock the password. If you work in an office or public place, consider marking this option.
There is also a possibility to deactivate ‘Automatic login‘, so you do not have to enter your password every time you start your Mac. This option is completely discouraged because anyone will have access to your Mac.
There is another additional possibility, by which, you can use your Apple Watch to unlock the Mac you have. Simply use your Apple Watch (which has been unlocked) to login to MacOS.
Taking advantage of the fact that we are working with the subject of password, we remind you that it is difficult to remember being considered good and strong. You can always resort to the use of password management programs such as 1Password or Kaspersky Password Manager. In this sense, the device already commented by Hider 2 serves as a major security.
Application download preferences
As you can see, within the ‘General‘ tab we are working, you can find two options related to applications that can be run on Mac in the lower part.
The safest option, but also the most limited, is to allow only applications from the App Store to run or install. The other option adds the permission to be able to execute applications from identified developers.
In previous versions of macOS there was an option to allow applications from anywhere. If this option appears, we recommend that you do not use it. You will be able to execute an application that does not come from the App Store, but you will have to approve it previously.
With FileVault enabled, all the files in your user account will be encrypted or encrypted. To decrypt them, you must enter the password for your account or the recovery key created when you activated FileVault.
For most users, the inconvenience of having to type a password to open a file, along with the time it takes to initially encrypt data, outweighs the security benefits offered.
But if you have reasons to keep the data or information stored on the Mac safe because it belongs to an organization, activate FileVault.
Check privacy settings
The last tab that you can find inside ‘security and privacy‘ includes many controls and various aspects. These are listed in the window on the left side of the panel, as you can see in the accompanying image.
Location Services allows you to control which apps have access to your location data. Here you can completely disable location services and prevent individual applications from accessing data.
Similarly, ‘Contacts‘, ‘Calendar‘ and ‘Reminders‘ allow you to specify which applications on your Mac can access the information stored in these main MacOS X applications.
If you click on ‘Photo,’ you will see all the applications that have requested access to your photo library. If you’ve added a social network like Twitter, Facebook or LinkedIn to the panel of preferences, you can control which apps they have.
Finally, an option that was included in MacOS High Sierra was ‘analysis‘, which allows application developers and Apple to improve their products based on data collected on the application’s usage. You can decide from here whether to share them or not.
Configure Safari privacy
Far from the commented preferences of the operating system, Safari has several configuration possibilities associated with privacy. We are going to browse all of them so that you can make the appropriate adjustments.
The first one is ‘New private window‘ which you can access from the ‘File‘ menu or with the key configuration ‘May + Command + N‘. In this way, you can browse web pages in incognito mode or private browsing without leaving a trace.
The second is associated with ‘Clear history‘ in the Safari menu. If you use it periodically, you can delete cookies and other cached data from the sites you visit, ensuring that they are removed from the ‘History‘ menu.
Within the preferences of Safari, you can find several tabs of security aspects among which is the ‘Privacy‘. Click on it and you can prevent visited websites from tracking or controlling which sites can store cookies from your Mac.
If you are worried that the username and passwords of a certain web page are stored, go to the section of ‘Auto-fill and passwords‘. You can deactivate the different options of these services according to your preferences.
Printer sharing, login, and remote management
Share printers: You can share any printer connected to your Mac with other computers connected to the network, including new Windows PCs. Within ‘System preferences‘ go to the ‘Share‘ function and activate the ‘Share printer‘ service. Here, the localized ones and their sharing options will appear.
Remote login: This option allows connection to your Mac through SSH / SFTP protocols and, for the most part, it is used by technical services to provide remote support through commands. You must deactivate it if you understand that it will not be used.
Remote Administration: It is used in corporate or corporate environments to allow administrators to access the Mac to deploy updates or correct errors. In the other circumstances, you should deactivate it if it is not your case.
Apply password to the firmware
The macOS system activates FileVault encryption by default in the current versions, which means that the entire boot disk is encrypted and it is impossible to access it, unless you unlock it when logging in with your user password.
That does not prevent someone from using a USB memory device to start the Mac and, potentially, erase all data from the hard drive. The solution is to apply a firmwarepassword .
Unlike the so-called BIOS password of a PC, the Mac firmware password request will only appear if someone tries to start your Mac in a non-standard way, that is, through a USB stick, or from another computer.
You must access the ‘Recovery Console‘ to activate it. To do this, restart your computer and just before the Apple logo appears, press and hold the ‘Command + R‘ keys.
Select your language and location when the Mac asks for it and then click on the ‘Utilities> Firmware password utility‘ menu . Follow the instructions and try not to forget it if it happens, only Apple can unlock your device.
Enable guest user
According to the apple, the guest account works with ‘Find My Mac with Icloud‘, so that you can find help in finding your MacBook if you leave it somewhere or it gets stolen.
If you find someone you can find out your Mac, log in as a guest and use safari to access the internet.
This is because you should not disable the guest account, and if you do not have it, then enable it immediately. It should also be associated with the iCloud account.
Scan for malware
Although it is true that more computer programs are more malicious than Mac’s, compared to Mac, things have changed a lot in recent years. It still does not reach the percentage of attacks, but it is worrisome for the whole community.
This does not mean that we strongly recommend using certain types of antiviral software that mainly focus on searching and ending advertising programs, i.e. hidden codes in some applications that show you related ads Aim to capture information.
Thanks to the latest versions of MacOS, especially from OS Mozavway, teams already have a powerful invisible anti-malware tool, which is always running, known as Xprotech.
However, for greater peace of mind, you can choose to acquire some of the security tools offered by major manufacturers in the cyber security market.