A guide for the average user on how to protect your Mac
My decision to switch from a PC to a Mac had a lot to do with security and security suits.I had had enough of frequently buying new hardware that soon became obsolete, simply because the operating system, the antivirus solutions, and the security suits needed more and more processing power and RAM.
Despite the fact that each new processor presented an extraordinary raise when it comes to its processing power, at least on paper, they seemed to be able to deal with using a browser, a video player and... the Office suite! This is 95% of what regular users use daily!
Windows users are “recommended” to install the most “paranoid” security suits (preferably two of them, just to be on the safe side), that perform heuristic scans even on your mouse movement. As a result, your brand new system starts to feel sluggish.
Watch out... the enemies (hackers) are listening!
Meanwhile, on the Mac platform, the few malware threats detected over the years look insignificant compared to the Windows mayhem.
Regardless, the antivirus software developers have extended their services to incorporate Mac security solutions, while promising that an apocalypse is imminent.
It is true that the Apple OS has started to become more appealing to adware and spyware developers, but on Mac OS X it is a lot harder to install applications without the user’s consent.
Besides, personally, I know only one website that tries to timidly “promote” this type of downloaders for Mac.
However, these are my recommendations for the average user, who does not feel spied on by hackers or the NSA:
1. The OS X Login PasswordYou need a better password than “qwerty,” “1234,” your birthday, or your kid’s name. This type of information is very easy to find and will just not do.
The universal “recipe” states that your password must have at least 8 characters, it must contain both letters and digits, but also a couple of special characters, such as “@!#$%^&()~.”
1.1 Separate User AccountsIf you share your computer with other users, you should create separate accounts that have different passwords. This can be easily achieved by opening the System Preferences and navigating to the User&Groups panel. Here you can quickly create new accounts and change passwords.
1.2 Inactivity TimerSet up your Mac to launch the screensaver after 1 minute of inactivity and make sure it will ask for the password if someone tries to access your desktop.
From the Energy Saver panel (accessible via the System Preferences window) adjust the “Display Sleep” slider to match your own needs (I use 2 minutes as the time interval). Note that for portable Macs, you can use different settings if you are on Battery mode or on the Power Adapter.
At the same time, in the Security & Privacy panel, you must check the “Require password” box and choose from the dropdown menu the time interval. For example, you could use the 5-second option if you tend to activate the screensaver by mistake.
2. The ApplicationsRegular users do not install new applications every day. We’re creatures of habit: as most people, we have our own favorite apps that we rarely replace. All these apps should have the latest updates installed and, OF COURSE, make sure you have the most recent Apple software releases.
These days, most applications are downloaded from the Internet via the App Store, through portals such as Softpedia or directly from the developer.
The launch of the Mac App Store and the inclusion of the App Store.app in the latest Mac OS X versions, have led to new security settings, as you can see in the Security & Privacy panel.
The “Allow Applications downloaded from” list comprises three options:
1. Mac App Store – Suitable for oversuspicious users, it will limit the access only to apps that have been downloaded from the App Store (paid or free). I must specify that the App Store provides a wide collection of applications, but those are only a part of the available Mac software.
2. Mac App Store and identified developers – You will be able to use only apps that have been downloaded from the Mac App Store and also have a digital certificate from Apple. Since Apple is charging $100/year for a digital certificate, most free apps are not signed.
I use this setting and, on rare occasions, the next one, but only with apps downloaded from trusted sources.
3. Anywhere – Not a very wise choice...
Having the latest web browser available also counts: Safari is good, but I personally prefer Chrome for Mac or Firefox for Mac. You will be surprised how many users are looking for “Internet Explorer for Mac.”
This is motivated by two main reasons:
· Internet Explorer is a very popular brand and, most likely, it is the first name that comes up to users looking for an alternative web browser
· There are certain devices that can be accessed only from Internet Explorer because they use ActiveX (DVR, Webcams, etc) and it’s extremely frustrating when you can’t use them with your Mac.
The problem is that Internet Explorer for Mac is no longer under development and does not work on Mac OS X 10.7 or later. This has not stopped “enterprising” websites from trying to deliver adware apps in its place.
The Apple digital certificate is fairly easy to acquire and creates an illusion of security. In this case, the installer is signed with an Apple digital certificate and you might think it’s “safe,” but you soon discover that it has changed your search engine, your homepage, and other “nasty surprises.”
This is a typical example of why you should be careful when choosing your downloads sources. I recommend mac.softpedia.com, because we are testing each app before listing it.
3. Confidential InformationThe most “frequent” mistake when it comes to password management is allowing the web browser to store accounts details and passwords. This makes them easily accessible but also renders you vulnerable.
In some cases, the passwords can be viewed directly in the browser’s settings panel. You do not have to be a hacker to view the passwords stored in your system.
Still, most websites require authentication and there are certain tools that, once implemented, will make your life a lot easier by allowing you to safely access your credentials from anywhere in the world, on different devices.
The recommended solution is using a “Form Filler” application: I use 1Password that comes integrated with Dropbox support. The app encrypts your data, but also allows you to sync it to all your devices via your Dropbox account.
All in all, if you are careful, it is NOT YET necessary to install an antivirus solution on Mac OS X. A standing proof is my 2007 MacBook White that runs flawlessly on Mac OS X 10.8.4, while the upgrade costs were minimal (RAM)!