On Wednesday evening, I wrote about basic computer security from a Windows-centric perspective. I knew some people who needed help in a hurry, and given there was a 90% or so chance they were running Windows, I took that route.
Some of my buddies who use Macs passed it along. And much of what I said then does apply, but I’d like to clarify a few of those points.
There are four legs to basic computer security that apply no matter what you’re running: Firewalls, antivirus, patches, and passwords. And the first three of those four are a little different in the Mac world–different enough to be worth mentioning.
Firewalls. Mac OS X includes a personal firewall that goes a step or two beyond what Microsoft’s firewall does. You can find a guide for it here. One option that I like is that it has an option to only allow signed applications to receive incoming connections, though ideally, that option would go both ways.
But what I said about Microsoft’s firewall certainly applies to Apple’s OS X firewall. It’s fairly basic, but it’s good enough for most purposes–and there’s a huge difference between having no firewall and even the most basic firewall. Adding an external firewall doesn’t hurt, as long as it’s configured correctly. Everything I wrote yesterday about configuring a router applies to a Mac, or any weird machine you might have at home. No matter who made your computer, you don’t want strangers prowling around on your wireless network. The copyright cartel doesn’t discriminate if they see someone using your network to download something from a pirate site.
Antivirus. There have been several recent virus scares in the Mac world lately. I won’t rehash that here, but it illustrates the need for antivirus on Macs as well, regardless of what the commercials on television might say. Security by obscurity only gets you so far, and Macs aren’t as obscure as they once were. Although Apple doesn’t provide a free antivirus, there are several free Mac antivirus programs available from reputable vendors. Get one and use one. Two examples of freebies are Sophos and Avast. And if you want to pay for something, there’s ESET Cybersecurity for Mac.
Patches. Apple releases patches just like every other major software vendor does. They don’t release on a set schedule, and sometimes the updates may not require a restart, so it’s possible you’re getting patches and don’t know about it. Double-check your settings, and make sure your computer is checking for updates. By default it checks every week; I’d set it to check daily. Whatever you do, don’t disable it.
Adobe software checks for updates on its own; when it gives you a popup asking about updates, let it update. Adobe software is highly vulnerable to attacks.
If you run Microsoft Office, by default it’s set to check for and install updates automatically. Here’s how to confirm it’s working.
Passwords. Don’t recycle passwords, and use passwords at least 9 characters long, including at least one uppercase letter, one lowercase, one number, and one symbol. For more detail, check out what I wrote Wednesday. It all applies. As does what I said about e-mail.