How to Make Your Mac as Secure as Possible

In a recent blog post titled “Hardening macOS,” Ricard Bejarano offers an extensive list of settings you can tweak to make macOS as secure as possible. It’s a comprehensive list of tasks—and we love it—but it’s important that you understand the “why” behind his recommendations, too. Here are a few of his top tips and explanations for why you’re adjusting, installing, or modifying your Mac that way:

System Preferences is your new best friend

Ricard’s advice: “Keep your system up-to-date, both macOS and installed software”

Apple frequently releases security updates and is often quick to provide patches for new threats. Keeping your software updated is a critical component of your system’s security, and not everyone checks System Preferences all the time for the latest updates. If you aren’t running macOS Mojave, you should be looking at Software Update frequently. Make it a biweekly to-do on your calendar, even.

And if you are running Mojave, you can set Mac updates to install automatically. Go to System Preferences > Software Update and check “Automatically keep my Mac up to date.” If the checkbox isn’t fully selected (it has a hyphen instead of a checkmark), open Advanced and ensure that all of the boxes are selected (especially “Install system data files and security updates”).

Screenshot: David Murphy

Use two accounts instead of one

Ricard’s advice:

  • “Create an administrator user account with a strong password and no hint. This user is for administration purposes only.”
  • “Go to System Preferences > Users & Groups and create an unprivileged user account for day-to-day use, it is considered best practice by Apple itself”

It might feel a little strange to be setting up two accounts for yourself when you only use one most of the time, but it’s a great way to strengthen your system’s security for everyday use.

Set up an Administrator account with a strong password, which you’ll use whenever you need to modify software, update keychains, etc. Then, set up a separate, non-privileged account to use as your default account, which sets some limitations when you’re installing software or working with some “Power User” apps (e.g. for automation).

This limits your exposure by limiting capabilities. (And you can always use your admin account, with its super-secure password, to approve activities your user account is prevented from executing by default.)

Let identified developers’ apps work, too

Ricard’s advice: “Go to System Preferences > Security & Privacy > General and set Allow apps downloaded from to App Store or App Store and identified developers”

While the App Store offers the best app security (most of the time), a lot of your favorite apps might come directly from third-party developers. “Identified developers” means that the creator of the app has used code signing, a process regulated by Apple which requires developers to have accounts with Apple and provide apps that verify their own authenticity.

This isn’t a foolproof security measure, as anyone can get a developer account and sign their app, though butApple can revoke a developer’s certificate if it detects malware activity or other impropriety in their apps. If you only want to run apps that Apple has inspected and approved themselves, choose “App Store” only—but we, and Ricard, think it’s fine to expand to “identified developers” as well.

Protecting your privacy

Ricard’s advice: “Go to System Preferences > Security & Privacy > FileVault and turn on FileVault (note: may take some time)“

FileVault is Apple’s built-in method for encrypting your data, which safeguards it against other people accessing it if they have physical access to your system. There’s really no good reason not to use FileVault—it won’t impact your system’s performance if you’re running anything reasonably new (within the last few years or so).

You should also ensure that your backups (you are backing up, right?) ar encrypted and password-protected, whether you’re making a Time Machine backup or sending your data off to a cloud service. Fortunately, most of the popular backup services automatically encrypt the data you send their way—make sure you pick a strong password (and use two-factor authentication, if possible).

[“source=businessinside”]

Loknath Das
bento4d toto slot bento4d bandar togel situs toto situs toto slot thailand situs toto syair hk toto slot situs toto situs togel terpercaya situs toto situs toto toto slot https://uninus.ac.id/ pengeluaran hk
slot gacor togel online terpercaya situs slot https://disdukcapil.salatiga.go.id/ngacor/ slot gacor totomacau4d situs toto situs toto situs toto slot gacor slot gacor slot gacor slot gacor slot gacor rtp slot toto slot https://journal.dpkp.ciamiskab.go.id/ rtp slot rtp live slot gacor situs toto slot gacor situs toto situs toto togel https://faculdadediplomata.edu.br/-/ https://www.pilgrimagetour.in/-/ slot gacor situs toto slot gacor slot gacor rtp slot https://ejournal.yahukimokab.go.id/ https://mikrotik.itpln.ac.id/wp-content/uploads/ situs toto slot gacor slot gacor situs toto slot gacor slot gacor slot gacor slot gacor slot gacor slot gacor slot gacor slot gacor situs toto toto slot bento4d bento4d bento4d bento4d bento4d https://cpnsbatola.id/-/ slot777 situs togel bento4d bento4d slot777 bento4d cerutu4d rimbatoto https://smpitbinailmu.sch.id/ bakautoto bakau toto slot https://inspiracionspa.com.mx/-/ bento4d bento4d https://pafikabupatenrejanglebong.org/ https://dinkes.bogorkab.go.id/-/totoslot/ bento4d bento4d bento4d bento4d bento4d https://pafipcbangkabelitung.org/ https://pafipcindonesia.org/ https://pafipclubuklinggau.org/ https://pafipcpagaralam.org/ https://pafipclahat.org/ slot gacor slot gacor slot gacor slot gacor slot gacor
rimbatoto situs togel situs togel rimbatoto rimbatoto toto slot rimbatoto slot gacor