5 Steps to Keep Your Mac Even More Secure

Ethan Shport on Jan 20 6 min read

Macs don’t require any extra protective measures. Or do they?

There’s no doubt that security issue is a frequently-debated topic among the Apple-related community. And here’s the typical scenario. Plenty of Mac fans will tell you that Apple computers are inherently secure and don't require protection. But is it based more on a brand promise than reality? We'd rather argue that statement and make no apologies for saying — they are a bit misguided.

This is not quite what you want to hear, we realize. But the truth is: every computer is vulnerable to raiders in one way or another. Hackers are haphazardly smart and can eventually find a path into any computer, given enough time, no matter how secure the machine is.

Don’t get us wrong, Apple’s got reputation for being shielded and well-protected company for a number of reasons. Macs are more secure — or less insecure at least — than their Windows vis–à–vis. On the technical side, OS X is a Unix-based operating system. That means — it’s sandboxed. Even if malware gains access to your Mac, it is unable to spread to the heart of the machine. Macs are not unhackable, but they are more difficult to manipulate than Windows PCs for sure. Nevertheless, history remembers some heartbreaking stories.

In 2012, there was the Flashback Trojan that infected 600,000 Macs. In 2013, a targeted attack hit OS X developers at Microsoft, Facebook, Twitter and Apple itself. In 2015, the XcodeGhost attack poisoned hundreds of OS X and iOS apps. In early 2016, the first known piece of encrypting ransomware for Macs appeared. Finally, the most recent issue took place in September this year — the assault package called “Pegasus” — this Mac OS X malware jailbreaks and installs a suite of monitoring software onto a victim’s device.

Ransomware — a type of malicious software designed to block access to a computer system until a sum of money is paid.It has been fixed though. But anyway, Apple doesn’t have a good reputation for transparency about security updates. This can leave many users simply unaware of the updates and even unconcerned with their own security. 

So it is definitely worth staying wise regarding potential threats and making sure that you’re well-armed and damn ready to face them. Here’s the good news — we’ve prepared some tips and tricks to help you. Let’s go!

1 Step: Stay up to date

Keeping your Mac up-to-date with the latest software is never a bad idea, and it’s particularly useful if you’re concerned about malware. Apple has always been keen to pinpoint potential threats, often issuing incremental updates that address system vulnerabilities as quickly as possible. Assuming you’ve opted for automatic updates, install them as their notifications arise, or manual install the updates from within the Updates panel located on the right-hand side when viewing the main App Store window.

All Mac users are highly recommended to download the security patch updates via the Mac App Store as they arise. 

2 Step: Enable the Firewall

The firewall in OS X is a network filter that allows you to control which programs and services can accept incoming connections. While classic firewalls do this on a per-port basis — regardless of which software is using the port — OS X’s firewall can work on a per-application or per-service basis, giving you more flexibility.

Just open System Preferences, click Security & Privacy, and then click the Firewall tab. Click the padlock icon at the bottom left to unlock system settings (you'll need to type your login password when prompted), and then click the Turn On Firewall button. Then click the Firewall Options button and, in the dialog box that appears, click the Enable Stealth Mode box. This last step means your computer will be largely invisible on public networks, such as shared Wi-Fi in a cafe.

3 Step: Encrypt the data

If you have private or confidential information on your Mac, you can use FileVault encryption to protect that information from being seen or copied. FileVault encodes the information stored on your Mac so it is locked and cannot be read unless the login password is entered.

Mac OS X may already secure important files on your behalf, but setting up FileVault’s full disk, XTS-AES 128 encryption adds yet another level of protection to your entire drive. It essentially prevents unwanted users from seeing and copying your files, setting a master password for your machine in the process, and allowing you to specify which user accounts are allowed to unlock the encrypted drive. 

To turn on FileVault, navigate to the main System Preferences panel, select the Security & Privacy option and click the FileVault tab located at the top of the window. Afterward, click the Turn on FileVault button, note the recovery key — or allow Apple to store the password on your behalf — and restart your computer when prompted.

Avira Free Antivirus
  • Never miss an app update
  • Get 24/7 live customer care
  • Discover best new software

4 Step: Scan for malware

For peace of mind you can occasionally fire up an app like Avira Free Antivirus, which simply scans through your files in order to uncover malware. The best news is that Avira is free and very easy to use. 

In addition to Avira, we also recommend the occasional use of Adware Removal, which focuses mostly on uncovering and removing adware — which is to say, hidden code within certain apps that aims to hijack your computing experience to show adverts on the desktop or in your web browser. Again, you can run Adware Removal infrequently to scan your system.

5 Step: Manage your passwords

Pass Manager
  • Never miss an app update
  • Get 24/7 live customer care
  • Discover best new software

If you use (of course you do) numerous online services frequently — you just have to generate strong, different passwords for each of them (don’t tell us you have a single one for all your accounts). If opposite – it will be easy money for hackers. On the other hand, that’s such a laborious task to remember each and every password of yours. Thus, people often store them in some text files or Stickers for easy access, but this is super insecure for such sensitive data. 

Gladly, in OS X you have a built-in alternative for managing passwords called the Keychain. Unlike other security options, the Keychain is enabled by default to store your various passwords for online services, email accounts, sharing services, and many other authentication routines. Keychain has a number of excellent features, but it's not as easy to invoke nor as diverse as 1Password, Dashlane, and other third-party password ecosystems.

So if Keychain and Safari’s ability to store passwords don’t provide you with the features you need, you should definitely give them a try.

Extra Step: Use the anti-theft software

Getting your Mac stolen sucks, but there is something you can do about it. 

  • Never miss an app update
  • Get 24/7 live customer care
  • Discover best new software

If you misplace your Mac, iCloud Find My Mac helps you locate it. Before your Mac goes missing, make sure you set up Find My Mac and know how to locate your Mac using an iOS device or another computer.

As long as your lost Mac isn’t in sleep and is connected to a Wi-Fi network or tethered to a personal hotspot, you can locate it on a map. If it’s connected to the Internet via Ethernet, Wi-Fi, or a personal hotspot, you can play a sound on it, lock it, or erase it completely.

You can also use a third-party anti-theft solutions like MacKeeper, Prey or Undercover. After installing these kind of apps on your Mac, they will sleep silently in the background awaiting your command. Once remotely triggered from your account, your device will gather and deliver detailed evidence back to you, including a picture of who's using it – often the crucial piece of data that police officers need to take action.

In addition to all above, iAlertU and Lockdown apps are gonna work like alarm if someone tries to steal or invade your Mac.

The verdict 

There are active malware in the Mac world, as you see. And one of the biggest threats is your own behaviour, both online and offline. 

Keep in mind that many security problems for OS X and Windows start with “phishing” and other forms of social engineering attacks. Through fraudulent email messages, tainted web links or rogue file attachments, criminals try to fool the user by deceptively wheedling out passwords, credit card numbers and other personal information. 

So follow our advices, be smart and it will help make sure that important information does not get stolen and devices do not get compromised by hackers.