Mac Security: Making life harder for those with evil intent
It is nearly ten years since I abandoned Windows and bought my first Mac. Better security that came with Apple's computers was one of the most compelling reasons for the change and I took some comfort in the fact that in 2005 Macs were still a niche product. There were so few of them out there, relatively speaking, that most of us believed hackers and malware artists were less likely to target us rather than the soft underbelly of the PC world. This could have been so But, even then, OS X was inherently more secure, requiring a password before the installation of any application for instance.
A lot has changed in those ten years. Mac sales are booming, there is no longer an "Apple premium" and Macs are now reasonably priced, albeit at the higher end of the market. With this success has come more danger as criminals find it lucrative to target OS X as well as Windows. Despite this, many Mac users still do not use virus-protection software because it is intrusive and can undoubtedly cause unpredictable problems.
That said, Mac users tend to be more technically aware and take other steps to operate in as safe an environment as possible. There are some things that every Mac user should do to protect themselves and their computer; they are simply implemented and should be high on everyone's list.
Topher Kessler, writing in Macworld, highlights four security options that we should all know and implement:
While OS X is relatively secure by default, there are some additional steps you can take to ensure the data on your Mac is only accessible by you, even if your Mac is stolen.....Overall, while Apple can do very little to prevent your computer from being stolen, OS X does its best to protect the data it holds as well as offers a chance that you can pinpoint its location. With these options enabled, you can be sure your Mac's data is as safe as possible, with little to no inconvenience for you
You can read the full article here. But Toby's four points are all absolutely essential to your computer's wellbeing and your protection from identity theft or worse:
- Enable the OS X firewall
- Enable FileVault
- Manage your passwords effectively and securely
- Lock your computer and enable Find My Mac
Most readers will already have taken these steps, as I have. In particular, FileVault, which encrypts your internal disk (or connected external disks) is an essential protection. It means that even if your computer is stolen and the disk removed for inspection (to circumvent the login lock), data cannot be viewed. I've been using FileVault for many years and have not had the slightest problem. It just works, silently and efficiently.
Similarly, password management is vital. I employ 1Password, as do most savvy Mac users. Not only does it encourage you to create really secure and unmemorable passwords, it manages the whole kit and caboodle brilliantly. All you need to unlock this potential is, as the name says, one password. This should be secure but something you can remember and it should under no circumstances be used elsewhere.
In addition to Topher's four cardinal precautions, you need to be aware of the security risk that comes with using your Mac in public, particularly on free wifi networks. "Free" often means unmanaged and, if you leave the door of your computer ajar, nasty people could gain access to your data while you are sipping your latte.
Christopher Breen addresses this problem in another Macworld article. He discusses ways to exclude intruders, particularly by turning off sharing that you might have enabled for a specific reason in the past, and the nuclear option of paying for a VPN (virtual private network) account.
These days, though, I tend not to use public wifi because of the various security scares. With fast 4G cellular networks available in larger cities, it now makes more sense to stick with your phone or iPad's mobile service and enable a hotspot to feed your Mac. In most cases, 4G is actually faster than most public wifi services. Christopher also recommends this and you can read all his advice here.