The question of privacy in the modern world concerns not only celebrities. After numerous data breaches, millions of personal data entries regularly appear available to the public. For many users, it is difficult to properly configure their personal computers in terms of security and privacy.
Macsecurity.net editors prepared detailed instructions that will save you from unnecessary worries.
Configuring macOS
Ease of use is one of the most famous advantages of Mac computers. Nevertheless, there are also some problems arising from this fact. For example, private data is stored practically open, which may help intruders or malicious applications to steal it. Despite this, macOS has an extensive list of security settings that can be tweaked in pursuit of better protection.
Check your security settings
Go to System Preferences then Security & Privacy and select the Privacy section. Select applications that are allowed to determine your location information.
Enable FileVault
macOS comes with the built-in FileVault encryption system. By enabling it, you will need a login and password or a recovery key to view any data on the computer. You can configure it in the same settings section. After that, all internally stored data will be encrypted, and the system will require a password for any access to the data.
Do not use the Keychain
Do not rely on the built-in password storage service, especially in everything related to your browser's data. Instead, use third-party solutions like LastPass. Unlike Keychain, where access to all account data, cloud storage, encrypted files is guaranteed by the system password, its alternatives require entering a master password. This will greatly complicate the life of intruders wishing to access your personal data.
Check your iCloud settings
Synchronization with this cloud storage is one of the main advantages of the Apple ecosystem. However, if you have a shared computer, the automatic synchronization of photos, files, contacts and other system and applications data can become a source of leaks of important information. In this case, you should consider disabling iCloud.
To do this, go to System Preferences → iCloud and press the Sign Out button. Doing so will become an additional feature that will help protecting your personal data. If you do not want to miss all cloud storage benefits, check at least if two-factor authentication is enabled.
Disable iMessage and FaceTime
The Continuity set of features was the main innovation of OS X Yosemite and the most anticipated improvement of the company's ecosystem of products. Thanks to it, calls, messages and data about the status of most applications get synchronized on Macs and iPhones.
Now imagine that a stranger works on your computer, and you get a private message. Not only will he see a pop-up notification with the text, but also by going to iMessage, he will be able to read all the correspondence. A computer is a much less personal device than a smartphone, and if this lack of security bothers you, disable Continuity in iMessage and FaceTime.
Disable Spotlight Web Search
For Spotlight to work, it needs to send data about your search queries to Google or other search engines that you use. Spotlight also sends this data to Apple, which does not seem a good idea, even despite the company's consistent privacy assurances. To disable it go to System Preferences → Spotlight → Search Results. There it is necessary to remove the check mark near the Spotlight Suggestions.
Hide your most important files
You can protect yourself from displaying specific files to an outsider who is using Spotlight. Uncheck the files that you do not want to display. They will continue to be indexed but will not appear in search results. Also, in the privacy settings, the same can be done to folders.
Protect your personal data
macOS does not protect your data from third-party applications, which means you need to do all this yourself. Below are several tips that can enhance your security.
Download browser privacy extensions
If you spend a lot of time browsing the web - install AdBlock Plus and Disconnect. They will protect your personal data from leakage and tracking by ad robots, websites and search engines.
Use VPN
Virtual private network technology is useful for protecting confidential data when using public networks. If you work on a computer in cafes or other crowded places – consider installing one of the VPNs from Best VPN Rating list.
Install only approved apps
This option is enabled in macOS by default. It limits the installation of applications from shady marketplaces and unknown sources, thus protecting the computer from malicious code, which can be a source of problems for other gadgets that interact with it directly (iPhone). To protect yourself, go to System Preferences → Security and Privacy, and in the General section, select the Mac App Store from the Allow applications downloaded from option.
These are the simplest steps that enhance your security. For additional protection, use privacy-friendly browsers and replace the Google search engine with something like DuckDuckGo.
Block physical access to your computer
Securing only access to data on the computer is not enough. An important aspect of security is to protect physical access to the computer itself.
Activate the lock screen
To do this, go to System Preferences → Security & Privacy, and in the General tab, select the Require password and Disable automatic login fields to make sure your Mac is prompted for a password.
Hide your username
By default, the lock screen displays all usernames available for logging in. In theory, this allows an attacker to guess the password and access the data.
The below command adds another level of your security, requiring both the username and password to be entered when logging in:sudo dscl . create /Users/hiddenuser IsHidden 1
Add a guest account
When you need to give your computer for a short time to a friend or another person, a guest account is the best way to protect your personal data. Go to System Preferences → Users & Groups and select the Guest User option. Then select Allow guests to log in to this computer. If FileVault is enabled on the computer, the user will be able to use only the browser, which is enough for most short-term sessions.
Bottom line
All of the above tips will make your Mac more secure, personal data more private, and browsing a bit safer. Naturally, no protection is ideal, and it can always be bypassed, but you will at least complicate the life of an attacker