Mac Security 101

 

 

Security 101 for Macintosh Computers

Follow the Code of the Web

 

UD IT Security Home

IT Help Center

Computer Security at UD

UD Security Tool Chest

News & Alerts

Accessing UD Systems

Reporting Incidents

UD Home

 

UD logo

A.  Use a firewall.
B.  Use up-to-date Anti-Virus Software.
C.  Keep Current with your Computer's Security Patches.
D.  Set up Desktop Security.
E.  Connect securely to other Systems / Computers.
F.  Backup your files regularly.
G.  Additional Mac OS Resources.

This checklist provides recommendations for establishing and maintaining desktop computer security.

If your department has computer support personnel (CITAs), please check with them first before making any changes to your computer.



Use a firewall

  • The Internet is a dangerous place for your computer. If it's new or you haven't installed all applicable security patches, your computer will load an Operating System that is out-of-date and vulnerable to compromise, infection, theft or destruction of data and loss of privacy. Worms and malicious scanning software can exploit Operating System vulnerabilities the minute you plug into the network if you are not using a firewall.
     
  • Only one firewall should be active on a computer.   
    Activate the Mac OS X built-in firewall:  OS X 10.5   10.4.
     

Use up-to-date Anti-Virus Software

Keep Current with your Computer's Security Patches

  1. Set Software Updates to check for updates daily:  10.5   10.4.
     
  2. Microsoft products for the Mac:
    • Microsoft Office Suite:  Microsoft AutoUpdate for Mac can be set to check for updates automatically. Open an Office program. On the Help menu, click Check for Updates and set this to occur Automatically.

Set up Desktop Security

  1. Use STRONG passwords
    • In MacOS X, your login password protects access to local files as well as remote (networked) resources. See password creation tips and require all users to login.
    • Review additional password recommendations.
    • How to set / change your password:  10.5   10.4.
    • Activate a Screen Saver Password to lock your computer when the Screen Effect is activated. When you begin working again you will be prompted to type your computer account logon password to unlock it.
       
  2. Personal Non-Public Information (PNPI)
  3. Web Browsers
    • Check options specified for AutoComplete:  Internet Explorer and Safari allow certain information to be saved and used to automatically complete web forms. Although a convenience, it creates security problems if another person uses the computer.
      • Safari: Go to Safari-Preferences-AutoFill. Uncheck User names and passwords.
      • Internet Explorer: Go to Explorer-Preferences- Forms AutoFill (or click the AutoFill icon in Internet Explorer). Review options.
         
    • Clear browser's cache after visiting secure sites:  To safeguard information you have entered on a secure site, clear the cache memory after completing the secure transaction.
      • Safari: Go to Safari-Empty Cache.
      • Internet Explorer: Go to Explorer-Preferences-Web Browser-Advanced. Under Cache, click Empty Now.
    • To prevent potential abuse, inactivate Safari's Open "Safe" files after download. Go to Safari; Preferences; General. Uncheck Open "safe" files after downloading.
       
  4. E-mail
    • When using PINE e-mail on the central UNIX systems, exit by specifying "quit" to safeguard your account data.
    • Do not store your password during the configuration of Mac OSX e-mail. If you do, anyone with access to your computer can bring up your e-mail.
    • Use Secure Socket Layer (SSL) to encrypt your UDelNet ID and password when accessing e-mail. See Mac OSX mail configuration: Account Setup- Advanced tab.
       

Connect securely to other Systems / Computers

  1. Use secure client software to connect to UD central systems.
  2. Virtual Private Network (VPN)
    • Consider the level of security required for the information you are transmitting. Use VPN encryption software if you need to transmit confidential data while working off-campus.
       
  3. Mac OS X Sharing and Access Services
    • These are services your computer is offering to other systems.
    • By default, all sharing services are turned off and should remain off unless absolutely required.
    • Disabling a service on your computer, like file sharing, does not prohibit you from accessing other computers where the service is turned on.
    • Turn off Mac OS X File Sharing:  10.5   10.4.
    • To restrict anonymous access, DO NOT turn on the following services: FTP Access, Remote Login or Remote Apple Events.
       
  4. Peer-to-Peer File-Sharing programs
  5. After installing any new software, run Disk First Aid:  10.5   10.4

Backup your files regularly

Additional Mac OS Resources


Questions / comments?
Copyright © 2005, University of Delaware.