Time for a Mac Security Checkup!

The new year is gonna be here before we know it, and what a nutty one 2016 has been! Well, to celebrate the end of the craziness, let’s take a few minutes and think through our security on our Macs. I’m such a party animal, aren’t I? Hey, I can’t think of any worse ways to start 2017 than with compromised data, so let’s go over the security stuff I recommend first and then party afterward. I’ll bring the booze, friends.

Analyze your password policy

If you’ve never done this before, it should be your first priority, yes, even before buying anyone presents. Don’t use the same password (or permutations of the same one, like fluffy123 and Fluffy123) for multiple websites. Make your passwords as lengthy as you can. Use two-factor authentication for websites and services that support it, like your Apple ID. And for goodness’ sake, get a password manager to keep track of everything. My favorite is 1Password—I’ve been using it for years and years, and I’ve been very happy with it.

And the program has such a nice icon, too.

But seriously, folks, think this through. I know your devices ask you for your Apple ID 43,782 times per day, but better a little bit of frustration when typing in a long password or dealing with two-factor authentication than a data breach.

And no, a paper sitting next to your Mac that has your passwords written on it isn’t a secure system. Trust me.

Protect physical access to your devices

If someone stole your Mac, how easy would it be to get private stuff off of it? If you don’t have a password set and there’s an Excel document on your desktop called “PasswordsAndBankAccounts.xlsx,” then you could probably do things better. For starters, I’d strongly recommend you consider turning on FileVault within System Preferences > Security & Privacy.

FileVault encrypts and protects your Mac’s files and other data

FileVault encrypts the contents of your disk, so if anyone takes your computer, he won’t be able to access the data on it.

Here are a few other related suggestions:

• Make sure your iPhones and iPads have passcodes to unlock them, and use six-digit ones if you can.


• Consider encrypting any backup drives you use, whether they’re Time Machine backups or created with another system like Carbon Copy Cloner.


• Configure your computer to require a password after sleep, and be sure that happens fairly quickly. Don’t let your Mac wait for a whole hour before it makes someone enter a password!

Consider your online security practices

This year, I’ve seen successful phishing attempts that led to compromised email accounts pretty often. Change your account password and then it’s no big deal, right? Wellllll…maybe. But have you ever emailed someone your credit card number or, say, a PDF containing your social security number? Yeah. Don’t do that. (And pay attention to the tip I wrote earlier this week about encrypting PDFs if you do need to send something private through email.) The best practice is to always think through what information you’re giving to website forms or what you’re emailing, for example.

Sending unencrypted sensitive data through email is a bad idea

Don’t be like me. And by that I mean don’t be a total smartass (evidence for same shown above).

Never, ever, ever give an unverified person remote access to your machine

This year, I had a bunch of clients think they were calling AppleCare or Microsoft support or what have you, and their Googling led them to call scammers instead. A quick installation of remote control software later, and a not-nice person had full power over their Macs. In most cases, this just led to the scammers trying to extort money for fake tech support, but if you let someone into your computer, you’re taking a huge risk.

Sometimes, of course, this is unavoidable—if you do call AppleCare, they may need to log in to your Mac to help you out. But be very sure that you’ve called the right number! And please don’t leave your Mac alone while someone’s logged into it, especially with the aforementioned “PasswordsAndBankAccounts.xlsx” file on your desktop.

 

Well, those are my favorite security tips! What say you? Do you use and love a different password management program? Got anything to say about something else security-related? Sound off in the comments!

 

Much appreciation goes to my pal Bryan Mahler for suggesting info for this article. Thanks, Bryan!

Share this post