Tips & Advice

The Essential Guide for Mac Security

Nancy Nunziati, 20 August 2018

Learn about the built-in Mac security software you already have, as well as other helpful tips and tools to keep you safe online from viruses, ransomware, and other cyberthreats.

Macs are beautiful machines, in both appearance and performance. The sleek designs, intuitive OS, trend-setting apps, and, yes, the anti-malware security built into the platform, make them among the most cherished items possessed by their owners.

Is antivirus software for your Mac really necessary?

Mac users have exceptional security records for decades, and this is for two reasons. One is that Macs are built with strong protective features and very few exploitable vulnerabilities, and the other is that most of the world owns PCs, so that is where cybercriminals have levied their efforts. But the tide is changing, and hackers are learning how to circumvent Mac security protocols.  

With 2016’s KeRanger, the first trojan horse ransomware for Mac OSX, and 2017’s Patcher, a Mac ransomware spread through BitTorrent, we’ve seen that Macs are not completely invulnerable. Their security is strong straight out of the box, it’s true, but there are several extra security settings that bolster your protection if you set them up.  Plus, there’s more than just malware attacks on Macs that you should be concerned with -- cybercriminals are always turning up with fake websites, phishing emails, and more trying to get you to slip up. So what can you do? Antivirus is the first step. Plus, these 7 tips to up your security defenses.

Follow these 7 security tips to keep you Mac safe

Here’s everything you need to know about Mac security and how to protect yourself.

Mac Tip #1 — Review your MacOS “Security & Privacy” settings

First, let’s look at the bulk of your built-in security tools. In System Preferences, click on Security & Privacy. You should see 4 tabs — General, FileVault, Firewall, and Privacy. Click the padlock icon so you can make changes. (It will ask for your password in order to proceed.)

mac-security-privacy-screen

General Tab - Disable automatic login & set password

This first tab allows you to take the most important step — set a password to be required in order to log on. If you have the choice to disable automatic login, check that box. Set a good, strong password, and all trespassing fingers, be they from a snooping family member or a laptop thief, will be unable to get past the login screen.

In this window, you can also change your password and set it to be required for re-entry however many minutes you like into sleep mode or screensaver mode.

Here you can also select if you want apps to download only from the official Apple App Store, or also from “identified developers.” As a general rule, because all apps are vetted and measured to Apple’s standards, you can trust what you download from the Apple App Store. Downloading apps from “identified developers” is not necessarily a bad idea, as Apple will only approve developers who have proven themselves reliable, but the apps themselves won’t be vetted as deeply as those from Apple’s own App Store.

FireVault Tab - Turn it on

This is the second tab in Security & Privacy, and what the FireVault does is encrypt the data on your hard disk so that if anyone forces their way in, they cannot decrypt your data without a password or security key that you set. We recommend you turn on FireVault.

Encrypting all your data is a laborious job, but your Mac will do it in the background while your computer is running, so you won’t experience downtime.

Firewall Tab - Turn it on and review apps and services

This is the third tab in Security & Privacy, and it’s something with which you’re no doubt familiar. If you’ve ever worked in the corporate world, you know every security-conscious business uses a firewall to protect their network by blocking unwanted incoming traffic. We recommend you turn it on.

When you do, then click Firewall Options. In the dialogue box, you’ll see a list of all those apps and services that your system is allowing in. If you’d like to subtract or add any, use the + andbuttons at the base of the box.

Also, check the box to Enable stealth mode. This gives you extra protection by putting a sort of invisibility cloak over your system. Any outside networks that try to ping it will get no response.

Privacy Tab — Review apps and data access

Here you select which of your apps get to access which data. The data categories are:

  • Location Services
  • Contacts
  • Calendars
  • Reminders
  • Photos
  • Accessibility
  • Analytics

When you click on one of those data categories, to the right you will see a list of your apps that have requested access to that particular data. For instance, “Maps” would like to access your Location Services. Run through each of these and be sure you approve them and that they all make sense. When you’re done, click the padlock icon back into its locked position, and close the window.

Mac Tip #2 — Know what you are sharing

In System Preferences, click on Sharing. On the left side of the window, you’ll see a list of all the sharing services. The checked boxes show you what you are actively sharing at the moment. Clicking on a service brings up a summary of what it does. Go through the list, and make sure you are only sharing what you absolutely need to share. If it’s not essential, don’t share.
list of services-1

Mac Tip #3 — Set your browser’s security settings

Whether you are using Safari or something else, open up Preferences and find the tab(s) for security and privacy. Read through your options, and select all that turn off website tracking. If the browser offers “safe browsing” in the form of reporting fraudulent websites, check that box too. Make sure you’re satisfied with all your browser settings.

In Safari, under the Privacy tab, you can select Manage Website Data. Clicking this shows you a list of all the websites you’ve visited that have kept data on your machine, whether in the form of caches, cookies, databases, or simple local storage. If you’ve never checked this list before, it’s going to be long. Scroll through it and delete any websites you consider nonessential. If you are wiping their cookies clean from your computer, it just means that the next time you log onto it, it will load fresh instead of relying on data it stored on your end.

Mac Tip #4 — Always update, always backup

It might seem like a no-brainer, but we have to include this tip because so many out there do neither of these things, and they are both fundamental steps in keeping your Mac healthy.

When updates are issued, they are meant to improve the system, usually in the form of security. Updates patch vulnerabilities, fortify security, and improve performance. Some fear that if they update their system, they’ll lose some information or be confused by new rules and tools. We need to disabuse this erroneous fear among the mass populace and guide people to the truth — a system update is your friend.

3-screen-app-store

Recommended: Check everything under “Automatically check for updates”
and your OS and apps will update automatically when available.

Don’t forget to backup your Mac

Just as some don’t update, others don’t backup. It’s not that they don’t believe in it — everyone knows a backup of your data is a useful thing to have just in case — it’s that they simply don’t take the time to do it. But it’s more than worth it. Invest in an Apple Time Capsule or an external hard drive and set an automatic nightly backup to occur. You’ll sleep well knowing that if anything happened to your computer or if you get hit with ransomware, you’ve still got everything you need.  Here’s Apple’s official guidelines for backing up your Mac if you want to look at all the options.

Mac Tip #5 — Use Find My Mac

This tip is to protect your Mac from old-school thieves, the kind that snatch it physically and run. With Find My Mac, you can locate it on a map using GPS tracking, you can lock it remotely so that nobody can get in, and you can even wipe all the data remotely. We need to adjust your settings for this, so open up System Preferences and click the padlock to make changes.


find-my-mac-screen

First, in System Preferences → Security & Privacy → Privacy, check Enable Location Services.

Then, in System Preferences → iCloud, if you scroll to the bottom of the box, you’ll see Find My Mac. Tick the box.

One last thing. Find My Mac only works when your computer is connected online. For this reason, you need to enable a guest user to be able to log on. That way, if your mac ever gets stolen, you’ll find it easily when the thieves are dumb enough to boot it up. Go to System Preferences → Users & Groups. On the left side, click on Guest User, then check the box Allow guests to log in to this computer.  

Now if you ever want to find your Mac, go to icloud.com/find on another computer, and if yours is online, wherever it is, you’ll see it.

Mac Tip #6 — Install extra cybersecurity

Apple’s security protocols are terrific, but to stay a step ahead of sophisticated cybercrime, you really need to augment with additional security and privacy software, such as:

Antivirus

Installing a strong antivirus for Mac is an excellent step in defending your digital life. Avast Security for Mac is free and protects against malware, malicious websites, and vulnerable Wi-Fi connections. For the highest level of protection, get protection against:

  • Ransomware
  • Transparency to any Wi-Fi intruders

by purchasing our Mac Security Pro version.

Download Avast Security for Mac - Free

Virtual private network (VPN)

Encrypt your internet connection and stay private online with a VPN. It’s your rental car with tinted windows — nobody recognizes you as you cruise the cyberhighways. Download a 7-day free trial of Avast SecureLine VPN and enjoy worry-free browsing.
avast-secureline-vpn-mac-dashboard

Password manager

Remember, every password you create:

  • Should be more than 15 characters in length
  • Consist of multiple words that will be hard to hack, and
  • Should be unique for that account (ie you should never use the same password twice.)

If you’re sticking with these best practices for password ideas, then you have an unwieldy amount of passwords like the super of an apartment building with way too many keys on his keyring. It can get confusing. Password managers do all the remembering so you don’t have to, and they will even generate high-security complicated passwords for you. Download Avast Passwords for Mac and free yourself of password headaches.

Enable Multi-factor authentication on all accounts

Lastly, always enable multi-factor authentication on all accounts.  With the number of data breaches ever increasing, multi-factor authentication takes your security to the next level.

mac-productsUse a password manager to keep your passwords safe across all your devices


Mac Tip #7 — Security basics

Plus, always follow these basic security tips to stay safe online:

  • Install only apps you trust from the Apple App Store and other official websites.

  • Avoid unsafe websites - Antivirus software can easily help you with this.  Even free antivirus products will provide this protection for you.

  • Beware of files and links in emails - first, make sure you know the sender (check the actual email address the mail is being sent from).  And, if anything looks suspicious, do not click any links in the email or download any attached files. Cybercriminals use social engineering and phishing techniques to get sensitive information from you.  Just close the email and move on.

If you’ve purchased a Mac, you obviously care about top performance and high security. But whereas cybercriminals predominantly focused on PCs in the past, more and more malware is being developed for and aimed at Macs. Keep yourself from being a target by getting familiar with your security settings and following the tips above. You want to keep your system in tip-top shape, because nothing ruins a Mac user’s day like a bad Apple.