Top 13 Mac security measures

Keeping your Mac safe and secure is hugely important for every user. Where once we Mac users felt safe under the impression that our computers were immune from viruses and other threats, we now know there’s plenty of malware around that can do real harm. Fortunately, Apple has done a great deal to mitigate the risk, and we can do even more in terms of Mac security to stay safe. Here are our tips for macOS security.

1. Review your security settings

Go to System Settings and click on the Privacy & Security tab. Review your settings in each of the panes. In particular, under Privacy, review the list of permissions and the applications that have access to your data and make sure that you’re happy with it. 

You should also enable stealth mode, which will make your Mac pretty much invisible on a network — handy if you use public Wi-Fi and good internet security for your Mac.

  1. Open System Settings from the Apple menu.
  2. Choose Network.
  3. Click Firewall.
  4. Make sure the Firewall is turned on.

Your Mac’s built-in Firewall is great, but it only blocks incoming connections. It doesn’t stop apps ‘phoning home,’ like initiating remote connections and sending data. To monitor remote connections, you could use Little Snitch, or to block them, use an internet security tool that offers that feature.

2. Use a password manager

Most of us have dozens of usernames and passwords for different websites. Remembering all those passwords, especially if they are strong and difficult to guess, is almost impossible. And writing them down is dangerous. Most browsers will offer to save passwords for you; however, a better solution is to use a password manager. That way, you can store passwords for any application, not just a web browser. And you can share them with other Macs or iOS devices you own. Passwords, credit card numbers, and other sensitive data are encrypted and stored safely until you need them. It’s much safer than writing them down on sticky notes.

3. Do a Mac security scan for malware regularly

No matter how vigilant you are, there’s always a risk you could inadvertently download malware, say, by clicking on a link on a website or email. Scanning your Mac regularly will help you find and remove any malicious files. One way to do it is to use the Malware Removal tool in CleanMyMac X. Part of CleanMyMac’s suite of cleaning tools, the malware utility scans your Mac and matches what it finds against its database of known threats. If it finds anything, it will alert you and offer to remove it. The database is updated regularly and knows all about the latest viruses, adware, and other malicious code. 

4. Consider installing a VPN

Another important piece of Mac security software is a virtual private network (VPN), which allows you to create a secure connection to anywhere on the internet and encrypt the data that travels between your Mac and wherever you are connected to. VPNs are useful for a number of reasons. You can choose the location of the VPN server you connect to and so make the rest of the internet think you’re in a different country. This can be useful if, say, you’re traveling and want to connect to Netflix and view the same content as you can at home. But it can keep you safe as well. For example, when you connect to the internet using public Wi-Fi, it’s never a good idea to do anything that involves transferring private data, such as online shopping. With a VPN installed and connected, however, all the traffic over your connection is encrypted and so using public Wi-Fi becomes perfectly safe. In addition, if you’re in or travel to a country where the authorities monitor internet connections, a VPN will keep everything you do private and secure.

5. Don’t ignore system warnings

Sometimes, macOS will alert you that you are about to do something that may compromise your security. Don’t ignore the warning. Take heed and consider your next move. Usually, there will be no cause for alarm. For example, macOS’ Gatekeeper alerts you whenever you download an app that hasn’t been ‘signed’ by its developer. Most apps like that are fine to install and won’t harm your computer, so you can go ahead and allow them. However, it’s worth pausing to make absolutely certain you know where the app has come from and that you want to install it.

6. Install macOS updates

Apple updates macOS irregularly but always when there’s been a security flaw that’s come to light and needs a patch. So some updates — those concerned with macOS security — are crucial. You should always install those as soon as they become available. And it’s good practice to install all OS updates as soon as you can. The same applies to updates to applications you use, especially browsers. Install those as soon as you can, too.

7. Be careful with browser extensions and plug-ins

Browser extensions are very useful for adding features to the likes of Safari, Firefox, and Chrome. However, they are also a common way to distribute malware. So be vigilant and make sure you know what you’re installing when you add them. And keep them updated. If you decide you want to remove a browser extension, CleanMyMac X has the Extensions module designed just for that purpose.

8. Use FileVault only if your Mac hosts sensitive data

macOS’s FileVault encrypts files stored on your Mac’s boot drive using military-level encryption, meaning if your Mac is lost or stolen, your data will be safe. However, that security comes at a price — speed. Running FileVault will slow down your Mac, and sometimes noticeably. So you should only use it if you really need to.

System Preferences - Privacy & Security

9. Review Safari privacy settings

Privacy and security go hand in hand — bolstering your privacy online will make you more secure. In Safari, go to Safari> Settings > Privacy and make sure “Prevent cross-site tracking” is switched on. You can also decide whether to allow websites to check whether you have Apple Pay set up.

Click Manage Website Data to check which websites have stored data about you on your Mac. You can choose to remove individual site data or remove everything. You can also manage and remove website data in CleanMyMac X using its Privacy module.

10. Take control of Sharing

Your Mac can share its internet connection, files, printers, and more with other computers on your network. That’s fine when you’re at home or on a trusted network. But a potential security risk when you’re on another network. Go to System Settings > General and click Sharing. Go through each of the options and switch them off unless you really need them. At the very least, you should make sure Remote Login and Remote Management are not selected unless you really need them.

11. Switch on Find My Mac

Find My Mac is a great feature that allows you to track your Mac from any browser or iOS device if it’s lost or stolen. It could be the difference between recovering your Mac and losing it forever. Go to System Settings and select your Apple ID > iCloud. Make sure you’re logged in and then scroll down to Find My Mac and make sure it’s switched on. Additionally, turn on Find My Network as an extra layer of protection. 

12. Use two-step authentication wherever you can

Two-step, or two-factor, authentication is a system of signing into websites or online services that require you to use a second method in addition to a password. This usually means having a code texted to a trusted phone number or an app. At the very least, you should use it for your Apple ID. Most places where it’s available insist you use it. But if they offer it as an option, use it.

13. Back up your data regularly

Backing up your data won’t stop your Mac from being stolen or hacked. But it does mean that if the worst happens, you have access to a recent copy of your data and can continue working. You should, preferably, have two backups — one local and one remote. Choose a service that encrypts backups and makes it easy to restore data when you need to.

There are a huge number of steps you can take to make your Mac more secure and mitigate the risk of being hacked. CleanMyMac X’s Malware Removal tool can help by scanning for malware. Other than that, common sense is a great weapon. Don’t click on links in email messages or on websites unless you’re sure where they lead. And use strong, difficult-to-guess, unique passwords everywhere. Don’t write them down — use a password manager instead. Do all that and follow the Mac cybersecurity tips above, and you and your Mac will be secure.