9 Essential Mac Security Tips

All computers, even Macs, need to apply essential security steps to prevent malicious activity from bad-actors (aka hackers). The Mac versus PC advertisements sang the praises of Macs as being virtually “virus proof.”  This was disingenuous at the time since Macs made up only 8% of the market. Today Apple Inc’s Mac platforms are far more wide spread and targets of everyday hackers. Here are 9 easy steps you can take to make your Mac more secure!

Disable File Sharing

File Sharing is a great tool that was first introduced in the early 90’s.  It’s a system service that lets you share folders and files across a network to save time.  But be honest, when was the last time you did that? There are so many file sharing services online that we barely ever think to use File Sharing. This is likely the quickest attack vector for a hacker to use. He/she will scan the coffee shop free-wifi, see your share and proceed to attack.  Deflect the attack by simply turning it off!

  1. Open the System Preferences icon
  2. Open the Sharing panel
  3. Disable the File Sharing service by ensuring the “ON” checkbox is un-checked.

Mac File Sharing

Use FileVault

FileVault (actually called FileVault2) is a built in encryption tool that ships with each Mac.  FileVault will encrypt the contents of the entire hard drive with tough-as-nails 256-bit Advanced Encryption System (AES)-XTS key.  It’s government grade encryption that would take over 5 years to crack using the most advanced Super Computer on the planet (the Tianhe-2 Supercomputer @ 33.86 petaflops). Each time you log on, your Mac will unencrypt what is needed on the fly and securely encrypt it when done. 

How is this useful? It protects your data making it completely inaccessible if your computer or laptop is stolen or copied by a hacker.  Pretty cool, if you ask me!  Enable FireValut:

  1. Open the System Preferences again
  2. Open the Security & Privacy panel
  3. Under the FireVault tab click the “Turn On FileVault…” button
  4. Make a sandwich, watch a movie. (It takes about an hour or so to encrypt)

Security and Privacy

Disable Safari Extensions

Extensions. Can’t live with them, Can’t live without them.  This applies to any browser, not just Safari.  Extensions are bits of code that modify the Web Browser in certain ways.  This has the unfortunate side affect of creating little holes in the armor of our security posture using Web Browsers.  Hackers can, for instance, use known vulnerabilities of the extensions to hack your computer.  Like Sharing services, if you aren’t using it, Disable or Delete the extension.

  1. Open Preferences… from the “Safari” menu.
  2. Select the Extensions tab
  3. Uncheck the blue boxes to disable Extensions you don’t use often or CTL-CLICK and Delete them.

screenshot_11

Enable Fraud Warning, Disable Java, and Block Pop-ups

Safari is fairly secure out the box. But let’s make it more secure!  To access these settings once again go to Preferences and open the Security Tab.

First enable Fraud Warning.  This feature will compare your browsing locations against known and suspected fraudulent sites that could be serving malware to your computer.  Safari will present you a full screen warning of why the site is suspected as fraudulent and give you the chance to opt-out from visiting it. To enable, check the box to Warn when visiting a fraudulent website.

Second Disable JavaScript. This one is hard to do because Javascript code is used all the time on the Internet and is embedded in many websites (including DynamicCyber). To prevent a hacker from executing JavaScript code placed in a website simply disable it by unchecking the box.  You can always enable it when you need it.

Third Block Pop-up Windows.  Pop-ups are annoying and abused. Advertisements are the most common abuser of this feature and can quickly clutter up your screen.  Hackers can take advantage of this placing malware in the advertisements and tricking you to execute code. (see our article “When Adware Strikes!“) To disable, simply click the checkbox. You can bypass this (for sites with logins that are in Pop-Ups) by pressing the option key when clicking the link.

screenshot_13

Disable eMail “Safe” files

This a Mac Mail client specific tip.  In Mac Mail you may notice that pictures, PDFs, some movies, and other files will automagically be open inside the eMail that you received.  While very cool it is very dangerous.  A hacker, once he has your email address, can send you a carefully crafted executable file disguised as the “Safe” file.  Your Mac Mail could open this file and execute the code without you knowing…VERY BAD.  By disabling “Safe” files your Mac won’t do this and you’ll be given a chance to screen or scan those files before opening them.

  1. Open Mail app.
  2. From the “Mail” menu open “Preferences…“.
  3. In the General tab, uncheck the “Open ‘safe’ files after downloading” option.

disable safe files

Don’t click email links

A word of caution at this point.  Always, always confirm that you know the identity of the person sending you files and links.  If something looks suspicious it is.  For example, in the image below I seem to have emailed myself.  I do that from time to time but I don’t remember this one. The subject is fishy “OPEN IMMEDIATELY!” and it’s written poorly.  It’s pretty safe to assume that this is a hacker trying to trick me.  We’ll talk more about phishing later.

Suspect Email

These are some the basic tips that you can do today, out of the box, without spending a lot of money.  I do recommend that you install a good Internet Security software suite as well. McAffee and Synamtec both make excellent PC/MAC internet security software packages for a reasonable price.  

What security tips do you have? Share in the comments below.

 

Leave a Comment Here, Contribute!