Best Practices to Keep Your MacBook Safe and Private

For years, Mac computer owners have banked on the assurance that their MacBook computer is immune to many of the problems that traditionally plague Windows computers. While this is still a popular viewpoint with Mac users, it is no longer a valid one.

Over the past several years, Mac computers have fallen prey to vicious cyber attacks, most notably the infamous Flashback malware attack of 2012 that infected over 600,000 computers. The latest update of MacBook attacks can be found on Macworld’s website.

To combat possible hacks and infections Apple and other developers have designed both onboard and third-party tools that Mac users can access to protect their privacy and keep their computers safe. Let’s take a closer look at some of the best practices for Mac users to protect their MacBooks.

Limited Access

When turning on a Mac for the first time, the OS X asks a user to create an administrative account. While the administrative account can be useful for enhancing security, it can also affect the entire system if something goes wrong, i.e., if the user accidentally installs/downloads Malware, infected software or a virus.

To mitigate a security risk, an administrator should create a second account and work from it. All additions, deletions, or changes to the second account only affect the account, not the entire OS. For instance, a secondary account holder change files in their home folder, access shared folders, change non-secure preference settings or even install software without affecting the whole system.

Disable the Automatic Login Option

When a user turns on a Mac for the first time or installs a new OS X, the computer automatically logs in at startup. At home, the auto login may not present a substantial risk. However, as a user goes mobile with their MacBook, the risk heightens significantly. The auto login allows hackers to find the computer and access the files at will.

The solution to this problem is to change the Login setting. To do this, a user goes into the Users & Groups pane of System Preferences and click on Login Options. There are two options: the admin can choose which user logs in automatically at startup or the admin can turn the auto login off. A user can also disable the automatic login option through the Security & Privacy preferences.

Use a Virtual Private Network

When it comes to security and privacy, the key issue here is preventing hackers from finding the location (IP address) of the MacBook. The most effective way to achieve this is to implement a virtual private network (VPN) on the computer’s network. A VPN creates a multi-layer shield that both masks the IP Address and creates a private tunnel network for data to travel to and from the computer. You can download SurfShark VPN for Mac here

The tunnel is impenetrable and untraceable. It allows users to take the MacBook around the globe in almost any country and use it without being traced. A VPN service such as Surfshark does more than just hide a computer from hackers. It also keeps a computer from being traced by government agencies, spammers, or Internet providers. In countries like New Zealand where certain content is controlled and banned, a VPN gives users unlimited access to almost any website worldwide.

Outbound/Inbound Firewall Protection

Like any other firewall, Apple’s built-in firewall only provides limited protection for Mac computers. They cannot shield computers from certain types of attacks. Why? Because most firewalls only offer inbound protection. They keep malware from invading the system. What happens, however, if there is already malware aboard the OS?

The answer is adding a layer of protection by installing an outbound firewall. An outbound firewall keeps malware from connecting to the Internet. In fact, an outbound firewall is more effective at protecting a computer than an inbound firewall. When working together, they can create a virtually impenetrable defense against malware.

Use Multiple Passwords and Keep Track of Them

Phishing has grown into an out-of-control cyber epidemic that has cost individuals and companies trillions of dollars in lost revenue and income. Phishing attempts have grown by 65% in the last 12 months. 76% of businesses globally reported to being a victim of a phishing attack in 2018. Phisher attack Mac users primarily by email. They lure users into providing personal information and then access private accounts or files.

The best way to protect a MacBook from phishing is to create multiple passwords on all accounts and keep track of them using a password manager. Combined with a virtual private network, a password manager allows users to protect their personal information without forgetting their passwords.

Get Rid of Adobe Flash Player

Adobe flash player contains a variety of security issues that hackers can use as an entry point for a security breach. Flash Player is known for its annoying ads, malware, and data acquisition — all of which present threats to Mac users.

With the advent of HTML5, the use of Flash has dwindled over the last five years. HTML5 is easier to use and safer than Flash Player. In fact, Adobe has announced that Flash Player will no longer be available by 2020 due to the security threats that it creates for Mac computers.

Turn on the FileVault Feature

FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to prevent unauthorized access to a MacBook computer. Encryption occurs in the background while the Mac is in use, and plugged in.

Users can view the progress of the FileVault section in the Security & Privacy preferences. They can also create new files that are automatically encrypted when the user saves the files to the startup disk. To decrypt any file, the user will type in their account password or a recovery key that FileVault creates once the user activates it.

By utilizing these tools and settings, MacBook users can ensure that they keep their computers safe and secure from criminal activity. In most cases, users can keep their Macs safe by adjusting settings or taking advantage of onboard tools. However, eliminating bad files and adding a virtual private network will also give users the security they need to operate online.