Top 13 Mac security measures

Keeping your Mac safe and secure is hugely important for every user. Where once we Mac users use to feel safe under the impression that our computers were immune from viruses and other threats, we now know there’s plenty of malware around that can do real harm. Fortunately, Apple has done a great deal to mitigate the risk, and we can do even more in terms of Mac security to stay safe. Here are our tips for macOS security.

1. Review your Security preferences

Go to System Preferences and click on the Security & Privacy tab. Review your settings in each of the tab. In particular, in the General tab, make sure you have a user password set and that Disable Automatic login is checked. Now click the Privacy tab and review the list of applications that have access to your data and make sure that you’re happy with it.  You should also click the Firewall tab and make sure the Firewall is switched on.

You should also enable stealth mode, which will make your Mac pretty much invisible on a network — handy if you use public Wi-Fi, and good internet security for your Mac.

  1. Open System Preferences from the Apple menu.
  2. Choose Security & Privacy.
  3. Click Firewall tab.
  4. Make sure the Firewall is turned on.

Your Mac’s built-in Firewall is great, but it only blocks incoming connections. It doesn’t stop apps ‘phoning home,’ like initiating remote connections and sending data. To monitor remote connections, you could use Little Snitch, or to block them use an internet security tool that offers that feature.

2. Use a password manager

Most of us have dozens of usernames and passwords for different websites. Remembering all those passwords, especially if they are strong and difficult to guess is almost impossible. And writing them down is dangerous. Most browsers will offer to save passwords for you, however, a better solution is to use a password manager. That way you can store passwords for any application, not just a web browser. And you can share them with other Macs or iOS devices you own. Passwords, credit card numbers, and other sensitive data are encrypted and stored safely until you need them. It’s much safe than writing them down on sticky notes.

3. Do a Mac security scan for malware regularly

No matter how vigilant you are, there’s always a risk you could inadvertently download malware, say by clicking on a link on a website or email. Scanning your Mac regularly will enable you to find and remove any malicious files. One way to do it is to use the malware tool in CleanMyMac X. Part of CleanMyMac’s suite of cleaning tools, the malware utility scans your Mac and matches what it finds against its database of known threats. If it finds anything, it will alert you and offer to remove it. The database is updated regularly and knows all about the latest viruses, adware, and other malicious code. 


4. Consider installing a VPN

Another important piece of Mac security software is a virtual private network (VPN), which  allows you to create a secure connection to anywhere on the internet and encrypt the data that travels between your Mac and wherever you are connected to. VPNs are useful for a number of reasons. You can choose the location of the VPN server you connect to and so make the rest of the internet think you’re in a different country. This can be useful if, say, you’re travelling and want to connect to Netflix and view the same content as you can at home. But it can keep you safe as well. For example, when you connect to the internet using public wifi, it’s never a good idea to do anything that involves transferring private data, such as online shopping. With a VPN installed and connected, however, all the traffic over your connection is encrypted and so using public wifi is perfectly safe. In addition, if you’re in or travel to a country where the authorities monitor internet connections, a VPN will keep everything you do private and secure.

5. Don’t ignore system warnings

Sometimes macOS will alert you that you are about to do something that may compromise your security. Don’t ignore the warning. Take heed and consider your next move. Usually there will be no cause for alarm. For example, macOS’ Gatekeeper alerts you whenever you download an app that hasn’t been ‘signed’ by its developer. Most apps like that are fine to install and won’t harm your computer, so you can go ahead and allow them. However, it’s worth pausing to make absolutely certain you know where the app has come from and that you want to install it.

6. Install macOS updates

Apple updates macOS irregularly but always when there’s been a security flaw that’s come to light and needs a patch. So some updates, those concerned with macOS security, are crucial. You should always install those as soon as they become available. And it’s good practice to install all OS updates as soon as you can. The same applies to updates to applications you use, especially browsers. Install those as soon as you can, too.

7. Be careful with browser extensions and plug-ins

Browser extensions are very useful for adding features to the likes of Safari, Firefox, and Chrome. However, they are also a common way to distribute malware. So be vigilant and make sure you know what you’re installing when you add them. And keep them updated. If you decide you want to remove a browser extension, CleanMyMac X has a utility designed just for that purpose.

8. Use FileVault only if your Mac hosts sensitive data

macOS’s FileVault encrypts files stored on your Mac’s boot drive using military-level encryption, meaning if your Mac is lost or stolen your data will be safe. However, that security comes at a price — speed. Running FileVault will slow down your Mac, and sometimes noticeably. So you should only use it if you really need to.

9. Review Safari privacy settings

Privacy and security go hand in hand — bolstering your privacy online will make you more secure. In Safari, go to Safari>Preferences>Privacy and make sure “Prevent cross-site tracking” and “Ask websites not to track me” are switched on. You can also decide whether to allow websites to check whether you have Apple Pay set up.


Press Manage Website Data to check which websites have stored data about you on your Mac. You can choose to remove individual site data or remove everything. You can also manage and remove website data in CleanMyMac X.

10. Take control of Sharing

Your Mac can share its internet connection, files, printers and more with other computers on your network. That’s fine when you’re at home or on a trusted network. But a potential security risk when you’re on another network. Go to System Preferences and click the Sharing pane. Go through each of the options and switch them off unless you really need them. At the very least, you should make sure Remote Login and Remote Management are not checked, unless you really need them.

11. Switch on Find My Mac

Find My Mac is a great feature that allows you to track your Mac from any browser or iOS device,  if it’s lost or stolen. It could be the difference between recovering your Mac and losing it forever. Go to System Preferences and select the iCloud pane. Make sure you’re logged in and then scroll down to Find My Mac and make sure it’s switched on.


12. Use two-step authentication wherever you can

Two-step, or two-factor, authentication is a system of signing into websites or online service that requires you to use a second method in addition to a password. This usually means having a code texted to a trusted phone number, or an app. At the very least you should use it for your Apple ID. Most places where it’s available insist you use it. But if they offer it as an option, use it.

13. Back up your data regularly

Backing up your data won’t stop your Mac being stolen or hacked. But it does mean that if the worst happens, you have access to a recent copy of your data and can continue working. You should, preferably, have two backups, one local and one remote. Choose a service that encrypts backups and makes it easy to restore data when you need to.

There are a huge number of steps you can take to make your Mac more secure and mitigate the risk of being hacked. CleanMyMac X’s malware tool can help, by scanning for malware. Other than that, common sense is a great weapon. Don’t click on links in email messages or on websites, unless you’re sure where they lead. And use strong, difficult to guess, unique passwords everywhere. Don’t write them down — use a password manager instead. Do all that and follow the Mac cybersecurity tips above, and you and your Mac will be secure.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.