1. Turn on FileVault
FileVault is a whole-disk encryption system. It wraps all the contents of your disk in an layer of encryption. This means that even if attackers have access to your physical hard drive, they cannot decrypt the data without your password.
FileVault is turned on by default in all new Macs. But if you have an older Mac, or you used a Time Machine clone to copy your Mac’s files to your new machine, FileVault might not be turned on. You can adjust this under the “Security & Privacy” pane in System Preferences.
2. Choose a Complex Login Password and Use It
While this tip is most important for users with laptops that travel, it’s a good tip for everyone. Using FileVault won’t matter if your password is “password.” This setting is also found under the “Security & Privacy” pane in System Preferences.
Of course, that password doesn’t do any good if you don’t use it. Make sure you set your computer to require the password as soon as it sleeps. If you use a desktop Mac, get it the habit of manually sleeping your computer to ensure it’s always protected. Also disable auto-login and ensure you’re setting your Mac to sleep after a few minutes of inactivity as a fail-safe.
3. Use a Password Manager
These days secured personal data doesn’t tend to exist on your Mac’s hard drive. Instead, it lives in the cloud, in social media accounts, and in remote backups. Unless secured with a complex and unique password, that data is vulnerable to silent, remote extraction.
Download a password manager like Dashlane and get started using it right away. Use the password generation tools to replace duplicate or simple passwords with long and complex ones. Also, turn on two-factor authentication for any accounts that support it.
4. Employ Encryption Selectively
For highly confidential documents, you’ll want to encrypt them separately from your whole-disk encryption scheme. 1Password actually offers the option to upload up to 1 gigabyte of files which are secured with the same method that protects your password. You can also use stand-alone encryption software like Encrypto. For the thinnest but most convenient layer of security, you can set passwords on PDFs with Preview.
5. Use Find My Mac to Wipe Remotely
Turn on “Find My Mac” under the iCloud System Preference pane. This uses your Mac’s Wi-Fi connection to keep track of its physical location. If the device is lost or stolen, you can find out where it is.
This will also enable you to remotely wipe your Mac if it ends up in the wrong hands. Even if you can’t recover the device, you can make sure information doesn’t wind up in the wrong hands.
6. Ensure Your Firewall Is On and Enable Stealth Mode
By default, your Mac’s software firewall should be on. But just in case you’ve turned it off, take a look under the Firewall tab of the Security & Privacy pane. You can also use third-party firewalls like Little Snitch that offer more complex protection.
You can enable additional protections by turning on stealth mode. This stone-cold preference name keeps your computer from responding to network probing applications like
ping. You can find the setting under the “Firewall Options …” button of the Firewall pane, down towards the bottom.
7. Turn Sharing Off Until You Need It
If you use your Mac on a home network frequently, you might have file sharing turned on. If you ever use your computer on a network you do not completely control, you need to turn that off.
It’s best to turn “Sharing” options on only when you need them. This includes File Sharing, Printer Sharing, the whole shebang. It’s better to close up all potential ports when you’re on a public network than risk an unexpected intrusion.
8. Secure Your Network Activity
Your Mac isn’t just about its hardware. It’s also about the networks that your Mac connects to. Poorly secured routers can often be a vector for attack.
Make sure you’re using the most up-to-date firmware for your router and that you use a secure and complex password. If you give your password to any guests, change the password as soon as they are done.
You can further secure your online activity with a VPN. This will encrypt your network traffic, preventing prying eyes from checking in.
9. Encrypt Your Backups
Any smart computer user will have a backup system. But if your backups aren’t as secure as your main drive, they represent a vulnerability. Make sure you encrypt your Time Machine backups under the Time Machine preference pane. Also make sure you encrypt any other backups you have, whether cloned disk or web-based backups.
Use the security steps that are necessary to compensate for your level of risk. Very few of tips will interfere with the normal operation of your Mac. You’ll be more secure without being bothered by it.
This article was first published in August 2010 and was updated in June 2018.
Image credit: Cyber Security Firewall Privacy Concept by Rawpixel.com/Shutterstock