Security settings to change right away on your Macs
Apple users are still just at risk of phishing attacks as any other user on any device.
Although Macs come with XProtest and Gatekeeper designed to keep users safe, socially engineered attacks still don’t prevent end users from handing over their credentials. If you are using your Mac for work, here are some of the things I recommend users to do on their Mac computers right away.
Best practice Mac security settings to implement right away
Physical protection of your device
Before we go into cyber security, lets talk about physical security. By that I mean this, this is your Mac and only you should have access to it. Make sure you always use a strong password or PIN on your mac.
Set a strong Password and ensure password is required after 5 minutes. Generally an 8-14 character password with numbers and special characters will do.
To set up a login password for unlocking your Mac follow these steps:
- Open System Preferences
- Click Security & Privacy
- Under General you will see an option to set a login password
- Specify how long your Mac will be unlocked for after it goes to sleep or the screen saver comes on.
Just to ensure you are in fact using a strong password use Apple’s iCloud Keychain.
Setup Find My Mac
Encrypt Your Data
Back in the security tabs, click FileVault and Enable it.
This will encrypt data on your device, in case your device is stolen without the encryption key or your password, the data would not be accessible.
Now lets move on to how you can protect your Mac from cyber attacks.
Turning on Firewall
Here’s how to turn on the Firewall on a Mac
- Click the Firewall tab in the System Preferences > Security & Privacy
- Click the padlock icon at the bottom left to unlock system settings and type in your password
- Click the Turn On Firewall button
- Enable Steal Mode by clicking the the Firewall Options button and, in the box that appears, click the Enable Stealth Mode box. This will prevent your device from being visible on open networks at public places like Starbucks and airports.
- In the Firewall tab, click Firewall Options to make changes. Here, you’ll see a list of apps and services which are able to receive inbound connections.
It’s also worth noting that, while the Mac Firewall is helpful, it only provides limited protection against malware. That’s because it just protects you from incoming connections. Its purpose is to restrict which applications and services may accept incoming connections. macOS’s Firewall doesn’t prevent apps or services from connecting out to the internet. So, for instance, if malware was to leak data from your computer, it would be able to do so without your knowledge. You need a more robust security solution in order to prevent this from happening and monitor outbound connections. We use enterprise level of Bitdefender for our customers in order to ensure their Macs are fully protected.
Check Privacy Settings
Check Accessibility, Screen Recording, Full Disk Access, Files and Folders and input monitoring to make sure no rogue apps have permissions under these permissions. Go to System Preferences > Security and Privacy > Privacy pane.
These simple guidelines can significantly increase the security of your Mac for both at the office and at home. Companies running Macs only need to focus on security for maintaining their data safe and safeguarding client’s data also.
If your business runs on Macs and you need help ensuring your systems are configured securely and properly, contact AlphaCIS, a Managed IT Services Provider in Metro Atlanta and Managed Cyber Security partner. We will help develop a security approach that works with your business, you can contact us at (678) 619-1218
