- Keep software Up To Date
- Use a Non Admin Account
- Only allow Apps from Trusted Sources
Apple takes great care of the security of the OSX operating system. All applications from the app store are safe. Most 3rd party apps which are not sold on the app store are signed by trusted developers. Ensure only safe software can be installed by selecting: System Preferences > Security & Privacy > General: Check the "Mac App Store and identified developers" Use one dedicated Admin account that is only used or system maintenance and updates. And a separate user account with "Standard" rights to the system.
- Disable Java
- Uninstall Flash or keep it Up To Date (Use Google Chrome for Web Video content)
- Use strong and unique passwords (1 Password is a great help!)
- Enable Firewall
- Turn Off Ipv6 Networking
- Use Open DNS service
- Enable location services only for the Apps you approve of.
- Tun on Two-Step Authentication where available (Google, Apple IT, Dropbox, etc.)
The internet is a wild place and we have to prevent your Mac from connecting to the bad places to keep your data and online reputation safe. The most important thing to do is to use a unique strong password for each and every website. Java and Flash are plugin protocols for web browsers that have many security weaknesses that constantly need to be repaired. If you choose to install these make sure you keep them up to date so patches can be installed. Lock down your virtual front door by Enabling the Firewall in your Mac and/or network router. Additional shielding can be obtained by implementing Open DNS.
Enabling Firewall is one of the most basic things you can do to protect your Mac from the internet. Although there may be better firewalls out there, the one built into your Mac is sufficient for most peoples needs.
To further limit connecting to other computers only inside your own network you can disable iPV6 by turning it into Local link only. A simple way to turn off IPv6 is to use System Preferences. This will not fully turn off this protocol but will effectively limit to your home network. This means that transmissions cannot go further than your home router. This is a simple change and one that is easy to implement. It also allows Bonjour and other applications on your Mac to still run, as these service use the IPv6 network.
Open System Preferences and select the Network preference pane. Select network you are currently using, such as Wi-Fi or Ethernet. Press the Advance button to get to the extra setting. From here select the TCP/IP tab.
You will notice there is a drop down menu entitled ‘Configure IPv6′. From the drop down list select ‘Link-Local’. This will effectively limit IPv6 to your Mac. In the image below there is an off option which you can also select.
Macbook, iPhone, iPad etc.
- Disable Automatic Login
- Require A Password On Wake/Screen Saver
- Log Out Automatically
- Don't use public WiFi
In case your portable Mac gets lost or stolen prevent the finder from accessing your personal data. Avoid accessing the internet from public hotspots.
- Secure Empty Trash
- Encrypt with FileVault
- Use a data encryption application like 1Password.
Encrypt the entire disk by enabling FileVault (System preferences > Security & Privacy tab). At least store the sensitive data in a encrypted database or encrypted disk image.