Blog

Secure Your Mac!

Whether you’re in school, home or toting a MacBook Pro to the office everyday, security is important. Our Macs often hold valuable information, from website passwords to banking information. So let’s take a look at security on and around your computer. Then I’ll tell you a sad story and what helped me make it through the tough times of that story.


Physical Security

The first part of security for your Mac we should consider is the physical side. Remember your data is only safe when it’s still in your possession. If you plan to leave your Mac in a more public area, say a dorm or common office, you can find a way to lock it down. Laptops and Minis come with lock openings, which you can buy a special lock for. Kensington and many other companies offer a variety of locks for electronics. iMacs and Mac Pros can also make use of such locks. Remember, you may need to add an anchor loop  onto your desk or wall, to attach your lock. Maybe it doesn’t look cool, but it could be a theft deterrent. If you’ve brought an extra external drive for back-up and large file storage, those often have lock spaces for laptop locks as well.


There are several companies that offer a Lo-Jack kind of system for your Mac, that will turn your computer into a useless brick upon your report of the theft. Try Lo-Jack for Laptops with a yearly fee or Undercover, who also offers student prices. You can get fingerprint scanners and USB keys, that will demand a personalized entry code. Remember, if your Mac leaves the room in the hands of a clever enough hacker, neither of those solutions would be helpful.


If you’ve bought a laptop, a good investment would be a decent backpack or case for your machine, so you can tote it with you to classes and the library etc. (Check the ThinkMac for plenty of reviews for cases etc.) You could store you laptop in a locked cabinet when you need to leave it in the room. Perhaps you’ve chosen to combine a PDA or iPhone with a desktop for keeping notes and schoolwork. Secure your desktop and take care with your iPhone.


One final thing to consider is insurance. You should check with your homeowners or renters insurance to see if you have coverage for household items damaged or stolen off-premises. Some policies have that built in, some can add it for a few extra dollars a month. If you’ve become a multi-computer and plethora of electronic gadgets household, it’s wise to check those policies for electronics coverage.

File and Drive Security

There are a couple of things to consider when thinking about your Mac’s internal security. First, you want to keep your files protected, particularly if you’re working on projects that you don’t want pilfered. The second aspect is network security. We live in the days now, when most large institutions have networks in place. Many of them are wireless. Luckily Mac OS X, comes with some robust tools to help with both of those issues. Remember again, all things are hackable, especially when a computer is stolen and hackers have time. Hackers can breach networks easily, when networks are not secured. Most of the time, anyone looking to break security, will look for easier targets, if they come up against resistance.

Here’s a quick overview of how to protect your files and information. Mac OS X offers user accounts (in the preference panes), which can be passworded. There is also the keychain, which can help to manage multiple passwords and offer a main password. 1-Password offers similar services, as well as password syncing on multiple machines (and iPhone). You can choose to password your computer upon booting, waking etc. You can even add a firmware password, so if someone tries to bypass the system, they may get locked out. You must remember your password in this event. Keep password smartness in mind; don’t pick obvious choices like birthdays, social security numbers, addresses, etc. I personally, like to go with a nonsensical word, not found in the dictionary word from a favorite book or movie and then toss a couple of numbers in the mix.

To protect serial numbers, documents, notes etc, you can use the OS X File Vault. Other organizational programs, like Yojimbo also offer password protection. You can use file encryption, if you’re working on sensitive data. Mac OS X, will compress, archive and protect files, folders and whole drives. There are several third parties offering such abilities also. Most of these services can be turned on and adjusted through various Preferences. Take a look and see what you find. You could choose to store your data on a protected drive or flash drive (Lexar offers Mac ready flash drives), with security protocol. You can also choose to use internet storage, this will give you a protected account as well as a variety of back up, since the files are off premises. Most, like Dropbox, offer a small free version of their service.


The second security issues we can look at are network issues. Even though there is no such thing as a truly secure computer, even Macs, OS X offers enough built in deterrents to repel casual network infiltration. Most of these are found in the network and sharing preferences. First, you can turn off file sharing and remote access, so if someone connects to your computer, they need a password to get anything out. You can turn on the built in Firewall. Be aware that may interfere with some types of internet traffic. You can turn your Mac’s ‘Stealth Mode’ on, this tells your Mac not to respond to internet requests not initiated by you. You can also set up a VPN connection in the ‘internet connection’ preference, if your institution offers such a service
One physical thing you can do for network security, if you’re allowed, is add your own router to the school network. Then in your network settings for the router, you can change your DHCP name as well as implement WPA passwords and MAC address recognition. You should for any of these settings, pick smart passwords and account names. Most routers add a built in firewall. If you can add a router, you can change your passwords every so often and you can also watch your internet traffic.


There are third party apps you can add for virus, ad-ware, spyware etc. MacScan can be used for spyware. Using a Mac, does mean we don’t have to use Internet Explorer, so we still have some natural protection from popular attacks. Still it’s always wise to remember- not to open unknown emails and attachment as well as ignore spam. You can try Spam-Sieve out, if your accounts tend to get more spam than Mac Mail can deal with. Finally, speaking of e-mail, it might be good to remember that e-mails and chat are generally unprotected and stay in the internet, indefinitely. There are some e-mail services that will send your e-mail encoded, including your account log-in information. G-mail, Eudora and Thunderbird are a few of those. Mac mail, does not, by default. But you can set it up so you encode your mail for security, with a signature and you can request mail to use ‘secure’ logging with your account settings. There is also a third party app to encode your chat in iChat as well. CryptoHeaven gives you secure online storage, back-up, secure mail, secure chat and IM, as well as file protection for a small monthly fee.


When The Worst Happens

What do you do when the worst happens? I can tell you from personal experience, theft is not 100% preventable. I had a break-in in my house that included the theft of my iBook and Mac Mini. Since both were in my house, I had neither locked down. Since the Mini was not portable, I didn’t have it passworded. The biggest thing about security I learned, is that it is very easy to think, “it will never happen to me”. Experience taught me an alarm is a good investment, as is careful scrutiny of your insurance policies. Though the police were helpful, they had no real way of tracking down my computers. (I live in a small city and the force is limited here) I wish I had taken the time to learn more about Back to My Mac and remote login in features, so I might have been more helpful to the police. I have, of course, taken better measures since then. The time that this happened was finals weeks in that semester of grad school. So all my work disappeared with the computers.

I was without a computer for 24 hours and felt lucky to have an iPhone to keep up with e-mails and stay in contact. I admit I did a lot of therapeutic Twittering at the time, too! The one thing that saved my bacon, was the fact that I run several back ups of my computers. After getting a replacement laptop, I was able to get most of my data back. So thanks to Time Machine and my .mac account I was able to re-sync my data, my settings etc. My hard drives were seen as not valuable enough to take, so I was up an drunning within a decent interval.

So the upshot of this story, is to stay prepared. Gone are the days for sympathy for lost data and mistakes. Computers have been in our culture long enough that even people who aren’t tech people can help and protect themselves. Basic security measures are pretty easy to learn and implement.