Mac users believe that they are safe, safer than users of other operating systems. They have believed that they were invulnerable…that no one could get past the security provided by OS X. They were right, yes, but are also wrong…
The iPhone has a screen locking security feature that protects access to the phone through a password/pin. Users can specify settings so that if wrong password attempts exceed a certain number then the data inside would get wiped out. In a widely publicized terrorist case, the FBI had asked Apple to bypass the iPhone’s security pin lock so that the data inside could be accessed. It appears that neither the FBI or NSA or any other US governmental agency had the capability to break through the security measures. Apple stated that it does not have the code to bypass the screen locking feature and it was not willing to create a bypass for that feature. Apple believes in ensuring security of data for its customers. However, as events progressed a third-party unlocked the iPhone for FBI, and the FBI was able to access the data inside the phone. This episode demonstrates the enormous care that Apple takes to secure data stored on its products, but that security too could be broken through.
Anybody with physical access to the system and the OS can view all of the private data on the system. While the OS X is designed for ease of use, this feature also compromises privacy, which can be addressed with certain settings in the OS. Apple has imbibed numerous security features into its OS X. However, there are numerous settings that users have to configure by themselves to protect their privacy.
Step 1: Prevent unauthorized physical access to your OS X device: Apple offers an automatic login feature – disable this feature immediately, and enable the lock screen feature. Activate “Require password” so that it is mandatory for gaining entry into the device beyond the screen lock.
Step 2: Customize Privacy settings: Control the accessibility of apps on the device. Apps are typically provided access to location data, system settings, and data on the iCloud. Decide and allow access only for apps that you deem necessary, or deny access to all apps.
Step 3: Enable Encryption: The OS X allows encryption capabilities with the FileVault feature. This enables full encryption of all the data on the system. Activate it if you store sensitive data on the system.
Step 4: Password Management: Do not use Apple’s “Keychain” password system for other than logging in. Try not to use any password manager, and if you definitely have to then use a third-party password manager.
Step 5: iMessage Settings: The iPhone and Mac can be synced for calls and texts. While it is convenient, it may be disadvantageous if the Mac system is also being used by other users.
Step 6: iCloud Synchronization: The benefits of storing data on the cloud is many and the OS X is integrated with iCloud. All data across all devices are synced through iCloud, which makes data management easier and more convenient. Activate two-factor authentication if you have to use iCloud. However, it is recommended to disable sync across all devices.
Step 7: Spotlight Web Search: Queries searched on Spotlight – a system-wide desktop search feature – are sent to search engines such as Google. It is suspected that Google and Apple collect data about the search. To prevent this data collection, turn off Spotlight Suggestions under System Preferences.
Step 8: Restrict Spotlight: Spotlight can search for files within the system, and any user who has access to the system would be able to search for any file on the system. In order to prevent other users from searching for sensitive data, go to System Preferences > Spotlight and specify folders that should not be searched.
Step 9: Approved Apps: Download apps only from the Mac App Store. Try to avoid downloading from any other source as they could possibly be malicious. Exercise extreme caution if you have to download third-party apps from other sources.
Step 10: VPN Security: Try to set up a VPN to access your corporate network when trying to access through Wi-Fi networks that could possibly be breached.
Step 11: Privacy Browsing: In case you want to prevent tracking of your browsing then install free internet browser extensions such as Disconnect or Ghostery.
Step 12: Blocking Ads: Frustrated over persistent ads, then install an adblocker such as AdBlock Plus.
Step 13: Antivirus: Install an effective antivirus such as Comodo Internet Security that will protect the system from existing malware threats as well as zero-day exploits. Comodo protects through default-deny concept and auto-sandboxing that is needed to address advanced persistent threats.
Following the above-listed steps should help protect your privacy. Browse safe and stay safe.
Related Resources: