OS X Yosemite is here! Apple’s newest operating system features a new look, with a flat interface inspired by iOS 7 and 8, and dozens of new features designed to make iOS users want to buy Macs. But what about security? How can you ensure that your Mac is as secure as possible? Here’s an overview of Yosemite’s security and privacy features.
You can adjust all of your Mac’s security and privacy settings in a single preference pane. Open System Preferences — from the Dock or the Apple menu — and click on Security & Privacy. The General pane gives you access to basic settings. If you’re not an administrator on your Mac, you won’t be able to make changes that affect the entire computer; only those that apply to your user account. If you are an administrator — or the only person using your Mac — then you’ll be able to access all the settings; click the padlock icon, then enter your password.
The best way to keep your Mac secure is to check a couple of these settings. You should always Disable Automatic Login; if you allow your Mac to log in automatically, anyone can restart your Mac and access its files and data without entering a password. It’s also a good idea to require a password a short time after your Mac sleeps or displays its screen saver. (You can adjust sleep and screen saver start times in the Energy Saver pane of System Preferences.) The safest setting is to use immediately, but you might set it to 5 seconds or 1 minute if you find yourself entering your password too often. (You might also want to change the time after which the screen saver displays; again, you do this in the Energy Saver preferences.)
In the bottom of this pane, it’s a good idea to limit which apps can launch without special approval. You may want to limit this to Mac App Store; this would be a good idea for, say, a Mac that your kids are using. But the intermediate setting — Mac App Store and identified developers — is probably best for most users. When you try to launch an app that’s doesn’t meet these conditions, you’ll get an alert, and you can still manually approve it, but this setting prevents rogue apps from running on your Mac without you being aware.
Apple’s FileVault full-disk encryption has been around for a while. If you have a laptop and travel with it, it’s a good idea to turn this on. You can do this on the FileVault pane.
Just check Turn on FileVault and follow the instructions. Don’t do this when you’re on the way out the door on a trip to visit a client; it will take a while, depending on the size of your startup volume, as all the data has to be encrypted. You can choose to allow your iCloud account to unlock your disk, in case you’ve lost or forgotten your password, or you can create a special recovery key that you’ll need for such a situation. It’s probably best to use the iCloud account option, as you’ll need to remember the recovery key, or have access to it.
OS X Yosemite provides a basic application firewall, which allows you to accept or deny incoming connections to your Mac by application. If you turn this on, you’ll be alerted any time a new app wants to send or receive data.
Click Firewall Options to see which apps have sent or received data, and which you’ve allowed or blocked. You can manually change any of these. It’s good to use this firewall, as it provides a basic level of protection, but it’s not foolproof — it does not provide outbound firewall protection — and you may want to use a more robust firewall to truly lock down your Mac.
The Privacy tab offers a number of options that you can set to keep your information secure. In the sidebar, you’ll see a list of items, many of them simple: Contacts, Calendars, Reminders, Twitter, Linkedin and Facebook all show which apps have requested to access this information. You’ll see alerts when apps make such requests, but you can look here from time to time to check, and revoke access if you wish. Location Services is similar. You’ll see a list of apps that have been accessing your location, and if you click Details next to System Services, you’ll be able to choose whether or not to allow Spotlight Suggestions to access your location.
The Accessibility section needs a bit more attention. You may have noticed that certain apps, when you launch them, display a dialog telling you that you need to go to these settings to allow them to control your Mac. This may be the case with apps that can access certain files on your Mac, or even applets created with AppleScript. When you see this alert, the app in question will be added to the Accessibility list, and you’ll have to check the box next to its name. This is the case for many apps; on my Mac, apps such as Dragon Dictate (a speech recognition program), LaunchBar (an application launcher, and much more), TextExpander (an app that replaces abbreviations I type with longer text snippets) and Script Editor (used for creating and running AppleScripts) have all asked permission to control my Mac.
This setting helps prevent apps from issuing commands to your Mac, ensuring that no app that you download and run is doing more than you expect. Accessibility is probably not the best name for this; that is generally used for the feature set that allows you to adjust your Mac if you have visual or physical deficits. (There’s an Accessibility pane in System Preferences.)
With all these security settings, you can help make your Mac extra secure while running Yosemite. Take a few minutes to check them out, and turn on the settings that work for you.
Want to add more security and privacy to your Mac?
Protect your Mac with multiple layers of security and increase privacy with our two-way firewall and Mac anti-virus for OS X Yosemite — get Mac Internet Security X8 today!