- Set up a different account for each user
- Require a password on startup and when waking your Mac from sleep
- Enable automatic updates
- Enable the built-in firewall
- Use Gatekeeper to limit the apps that are allowed to run
So you’ve just unpacked your new Mac laptop or desktop, plugged it in, and gone through the initial steps to create a new user account or migrate your existing settings from another computer. Now you’re all set and ready to start surfing the web, right?
Wait a minute!
While it’s tempting to just hop online and start trying out all those great new apps and games you’ve been waiting for, there are a few more steps you can take to bolster your Mac’s security right out of the box, before ever connecting it to the internet. In today’s episode, we’ll discuss the first five things on our list, specifically addressing steps you can take to strengthen the security of your brand new Mac!
Strengthen your security
When it comes to the security of your Mac, the following best practices can help ensure that you’ve laid down a strong line of defense right from the start.
- Set up a standard user account for daily use, and separate accounts for each person using the computer. By default, the first user you create when setting up a new Mac is an administrator. Administrator accounts have greater control over your Mac than standard user accounts, with the ability to add and remove other users, install apps, and change settings in OS X. If a standard user account is compromised, the havoc it can wreck is limited to that single account, whereas a compromised administrator account can cause much more damage to your files and data. Therefore, it is a good idea to set up a standard user account in addition to the initial administrator account, and use the standard account for daily computer use. You can always switch over to the administrator account when you need to install apps or make changes to the system. Likewise, you should set up a separate standard user account for each person who will be using your computer, and consider enabling parental controls for the accounts that will be used by children. You can additionally set up a guest user for visitors to use, which doesn’t require setting up a full user account, and can be configured to limit access to files and folders on your Mac.
- Require a password on startup and when waking your Mac from sleep. You can take some additional steps to prevent unauthorized access to your files and data by people with physical access to your computer by requiring a password on login and when waking your Mac from sleep or the screensaver. While it might seem annoying to have to enter your password every time you want to use your computer, all it takes is a few seconds in front of an unlocked system for someone with ill intentions to do some serious harm!
- Enable automatic updates. Software updates can add new features to your existing apps, but they are also used to fix bugs and patch security vulnerabilities, thereby limiting potential avenues of attack that could be used to gain access to your computer. Making sure your computer is up-to-date with the latest patches is extremely important, especially when it comes to critical security updates. Fortunately, OS X can automatically check for updates, making it easy to stay up-to-date with the latest patches. While Apple is generally pretty good about making sure that their new hardware ships with the latest operating system updates, sometimes security or system patches will have been released between the time the computer arrived at the store and when you brought it home, so making sure everything is up-to-date is one of the first things you should do once you connect your new Mac to the Internet.
- Enable the built-in firewall. A firewall protects your Mac by blocking other computers from initiating contact with your Mac over the Internet or a local network. By default, the built-in firewall in OS X is turned off, so you’ll want to turn it on right away.
- Use Gatekeeper to limit the apps that are allowed to run. Apple’s built-in Gatekeeper technology adds an additional level of security by allowing you to specify which types of apps are allowed to run on your system. While the default setting for Gatekeeper (allowing apps from the Mac App Store and identified developers) is the most versatile and appropriate, you should double-check to make sure the setting hasn’t been changed to “Anywhere,” especially if you’re migrating your settings over from an older system. Setting Gatekeeper to allow apps from anywhere is not recommended, and can compromise the security of your Mac.
Join us next week, where we’ll continue our discussion of 10 things to do when setting up your new Mac — specifically, steps you can take to protect your data and safeguard your privacy!