The 3 Mac security tips for Managers (and everyone)
...aka "Macs don't get viruses... oops, not really!" -
Managers, artists, teachers, and just about anyone else can follow these tips to make your Mac a security tank!
Combine these 3 tips with regular updates of your computer and applications and prudent web-browsing (think especially of blocking un-needed ads or other javascript) to make your Mac as strong as a castle or a tank - This is an archive & git copy of the most important ways people can secure their Macintosh computers.
Part 1: Use a regular user account.
These tips also apply to Microsoft Windows and Linux/Unix. If you follow these tips, it will make your computer run more quickly and much more safely, and keep you in line with your IT Policy at work as well as policies of other organizations you may visit.
If you operate your computer as a normal user, (you may hear this referred to also a a non-privileged user, non-admin user, or similar), you will literally reduce your chance of most types of security-related problems with your computer, by over 80%. I've seen reports that put this even as high as 95%! The smartest IT minds in the world agree with this tip: here is a very easy-to-read report from the ASD, and if you want to go down the security rabbit hole, see also these older reports from the UK's NCSC, and America's NSA.
Hopefully, all of your company's computers are already setup this way. To make this change on your personal computer, it is super easy, and if I find a nice Youtube video for you, I will come back and post it here, or even make one myself someday.
Feel free to grab a tea with me and have a nerdy chat, or share with me your favorite new music and films, at any time. Reach out!
Part 2: Don't install apps outside of the Apple "App Store."
Here is the next instalment of "Mac's don't get viruses (oops... not really!)"
This tip also applies Linux and other Unix systems with their "repositories"--even Windows is largely moving in this direction--there is an official "Windows Apps" store now, which is growing quickly, programs like Microsoft Office have moved largely to online versions.
So this will prevent you from getting almost 100% from any type of malware, even viruses, or even the new-fangled "ransomware" which I'm sure many of you have heard about lately. The tip is as simple as this: do not click any warnings that pop-up on your computer that something "is not signed," and never change the settings under System Preferences > Security & Privacy > General, lower than the middle setting, as shown in this image. Leave this at the top setting if possible, and only if needed for popular 3rd-party programs like Adobe Suite or Avid's Pro Tools or Media Composer, select the middle/2nd setting. Never use the 3rd choice.
Hopefully, all of your company's computers are already setup this way. To make this change on your personal computer, it is super easy, and if I find a nice Youtube video for you, I will come back and post it here, or even make one myself someday. If you're interested in the meantime, I recommend this blog! Have a nice one!
Part 3 - DO NOT USE PASSWORDS FOR MORE THAN ONE THING!"
Here's the last edition of our 3-part-series of tips to make your computer run better for you, and protect yourself online.
These days, tips like this are not even optional-- they'll keep you in line with your IT Policy at work and other companies--and even more importantly protect your personal relationships, your creative assets such as your music or film files, and as you'll see today, even your money!
Does that title look like screaming ;-) ...it is. Friendly screaming, albeit.
Q: How can I fix this problem? A: Don't use the same password for anything important. That's it.
In a recent interview I did on the Brakeing Down Security Podcast (sic) several of the top Security professionals in Europe, which I interviewed that day, agreed that ironically password reuse was the biggest problem facing organizations today, because of how it may lead to so many other risks. One person even suggested to do away with passwords completely in favor of something new.
If you want to hear some of the worst IT-scare-stories I've ever seen, read this about locking people out of there Apple stuff, or this about losing your life savings while buying a house. These are most simply the result of... yup, password reuse.
You don't have to take my word for it: take a look at online databases of leaked passwords, and search for an old e-mail address, or a friend's e-mail address (*for security, please don't use your own, current e-mail addresses).
If you have trouble making up good passwords, then use a software password manager, like LastPass or KeePass. As well if you store anything really valuable to you or your company, online, then use an un-related 2nd factor for logging in. Better yet don't store private or important things online at all! Feel free to come to me with questions like this, at any time.
...This concludes my series of how to easily secure your Mac. Like I mentioned in the Introduction, if you combine these 3 tips with regular updates of your computer and applications and prudent web-browsing (think especially of blocking un-needed ads or other javascript) it will make your Mac safe against almost anything that would come it's way. Thanks for reading, and contact me with any comments or questions !
---
---
notes:
This was adapted from a company newsletter and used in production/"security awareness training" which I wrote at a former employer. This was also shared on my new github account that I mention below, so feel free to use the text from here, or there in your own security awareness trainings or newsletters.
I'm in the process this weekend of setting up a new github account, for personal use; to keep things separate from a few project sites, and mostly to share sysadmin scripts I've written in production for some recent new job applications in process. I also hope to use the site to fork python projects and other code that I might hopefully work on for fun and learning, sooner than later.
No comments:
Post a Comment