Articles

Articles.

Focus Topic: Basic Mac Security.

Your Mac is an investment, and your data is valuable - keep it safe. 

It could happen - you might lose your Mac or it might get stolen. It's one thing to lose your hardware, but what about your data? Here's some basic steps to improving security on your Mac-  and what to do if your device is lost or stolen.

This article applies especially to those who travel with laptops, and it assumes that you have
admin level access to your computer; and that you keep a record of your passwords safe somewhere.

Limiting access to your Mac

Your User Account

  • Account Password:
    If someone else got a hold of your Mac, make sure they can't log in to your account.
    Your Mac saves a lot of passwords, and it's very likely certain services will be automatically logged in to when you are in your account - such as Dropbox, Google Drive, your email accounts, and so on.
    First thing to do is make sure you have a decent password on your account (not something too obvious or easy to guess). You can set your account password here: 
    System Preferences > Users & Groups > Change Password.
     
  • Auto Logon:
    Next, disable auto logon - don't allow your Mac to go straight to your account
    on power up or wake. You can change this setting here:
    System Preferences > Users & Groups > Login Options > Automatic Login.
     
  • Screen Saver & Wake:
    It's a good idea to let your Mac lock your screen after a certain idle time,
    and ask for your account password after the screensaver has set in-
    that way you can step away from your Mac and not let your account wide open to others.
    You can set your Screensaver here:
    System Preferences > Desktop & Screen Saver > Screen Saver;
    and you can set your Mac to require a password after sleep or screen saver here:
    System Preferences > Security & Privacy > General.
     

Advanced steps

  • Disk & Account encryption: 
    If your data is very sensitive - either proprietary, or confidential- you may want to consider encrypting your data. Mac OS has a function called FileVault, which will encrypt your entire disk, not just your account data. While your Mac needs to encrypt and decrypt data on the fly when in use, it doesn't impact your Mac's performance much for most users. You can turn on FileVault 2 encryption here:
    System Preferences > Security & Privacy > FileVault.
    AppleOS X: About FileVault 2
     
  • Firmware Password:
    As of Mac OS X 10.7 Lion, your Mac has a recovery partition that allows you to boot into a restore screen from where you can do maintenance and troubleshooting, and even reinstall the entire operating system.
    You can also reset user passwords from here, which is handy if you have forgotten yours - and risky if someone else does it, which would allow them to log in as you. You can also easily get your Mac to boot from either an external drive or disk, and then allow access to your internal drive data.
    In order to improve security, you should set a firmware password - which comes into play if someone attempts to access the recovery partition or boot your Mac from an external device. 
    Here's a link to an article with details on how to do this.
    AppleOS X Mavericks: Reset a login password 
    OS X DailyHow to Set a Firmware Password on a Mac with OS X Mavericks
     

iPhones, iPads, and iPod Touch

  • It's good form to set a passcode for your device. It might be annoying to have to punch in your code each time you access your phone - but your phone is also eminently losable, and it has access to a lot of private information from contacts, to mail, to passwords, and so on. It should be secured with a passcode. Here's a link to an article that will tell you how to do this:
    iOSGuidesHow to set a Passcode on iPhone using iOS 7 
     
  • Back up your iOS device to the cloud:
    Use your iCloud storage to back up your iOS device to the cloud,
    so you can easily restore it to a replacement device if yours is lost or stolen.
     

What to do if your device is lost or stolen

Locating your device

  • iCloud & Find My iPhone / Find My Mac:
    If you have an iOS device, you will also have an Apple ID- and with that, you have access to iCloud location services. You can use iCloud to help locate, lock, or even wipe your Mac or iOS device. To opt in to the iCloud service, for your Mac or iOS device, go here: 
    (Mac) System Preferences > iCloud > Find My Mac
    (iOS) Settings > iCloud > Find My iPhone
  • If your Mac or iOS device is lost or stolen, go to iCloud.com and log in with your Apple ID & password. Then select FindMyiPhone to view the location of your lost device (provided it's powered on and is connected to the internet). Here's an article with more details on how this works.
    MacworldHow to track a lost computer with Find My Mac
     
  • Display a message on your lost device:
    go to iCloud.com and put your device in "lost mode" - and have it display a message to help the finder get your device back to you. You can also lock down your device, or wipe it clean if needed.
    AppleiCloud.com
     
  • Third party services:
    You may want to consider some of the popular third party security services to help you find or recover your lost or stolen device. Here's an article on four of these services:
    AppstormKeeping Your Mac Secure: 4 Great Theft-Recovery Apps 
     

Recovering from loss

  • Restoring data:
    If you don't find your device or get it back, use your backup to restore your data to a replacement device. Check out last month's article on Backups for pointers on how to set it up.
  • iOS devices can restore quickly from iCloud backups over wifi, or iTunes backups via your Mac or PC. Here's how:
    AppleiOS: Back up and restore your iOS device with iCloud or iTunes
  • Macs can restore from Time Machine backups, and also from cloned disks,
    if you have one. Here's how:
    AppleMac Basics: Time Machine backs up your Mac 
     
  • Passwords:
    If you lose your Mac or iOS device you may want to consider changing the passwords to your most sensitive accounts - email, social media, file storage, and so on. It may be bothersome, but it will prevent further headaches down the road by disconnecting your service accounts from your lost device.
     

Lessons

  • Set an account password, and let your computer lock the screen when unattended.
  • Consider FileVault disk encryption.
  • Set a firmware password on your Mac.
  • Set up your device with iCloud tracking.
  • Use a third party theft deterrent or recovery service.
  • Use your backup to restore a replacement device, if you don't get your old one back.