15 easy fixes for Mac security risks
Install antivirus software
The limited number of viruses that target Mac OS X often leads Mac users into a false sense of security. Although there are few Mac viruses out there now, that doesn't mean there will never be a virulent form of malware that threatens the Mac. And the lackadaisical approach of assuming that Macs can't be infected by a virus increases the chances of widespread infection and damage when (not if) such a virus is developed and released into the wild of the Internet.
Besides, even if it doesn't affect you directly, you might receive and inadvertently pass on a Windows-specific virus. The most common of these are macro viruses found inside Office documents -- some of which have a limited ability to affect machines with a version of Office for Mac that has macro support enabled.
Finally, if you are running Windows -- either in a dual-boot configuration with Apple's Boot Camp or under a virtualization tool such as Parallels Desktop -- your Mac is just as susceptible to viruses as any PC. In fact, if you have a Windows operating system on your Mac, you should really consider virus protection for both Mac OS X and Windows.
When it comes to antivirus programs for the Mac, a good open-source option is the Unix-based ClamAV (which works with Mac OS X but is command-line based) and its Mac graphical user interface port ClamXav.
If you want a more full-featured commercial offering that provides constantly running protection, check out Intego Systems Inc.'s VirusBarrier ($70 for one device; $200 for up to five devices), Sophos Anti-Virus SBE (variable pricing depending on number of users and years of service, beginning around $45 for a single license or $190 for five users), Norton AntiVirus from Symantec Corp. ($50 for one user) or McAfee Inc.'s VirusScan ($37 per device for up to 25 devices).
Don't allow remote guest access or enable Leopard's guest account
Macs have always supported guest access for file sharing, in which a remote user can connect to a Mac without providing a username, password or other identifying information. The idea of allowing remote access to your Mac has always been fraught with potential for security compromises. It should never be allowed because it presents a grave security threat that could prevent you from easily tracking the source of a breach.
In Leopard, Apple extended guest access to the local level: Users can log in and use a Mac with a guest account that requires no username or password. The idea of a guest account is a convenient one. If you have friends or family visiting, you can let them use your Mac without allowing them access to your user account or files. When they log out as a guest, their home folder and any files they created are automatically deleted.
There are, however, some system directories, such as the Unix /tmp directory, that the guest account can write data to that may or may not be deleted at logout (or forced restart). The guest also has access to any installed applications, which could be used to perform malicious actions from your computer. If you must use the guest account, limit its access using Parental Controls.
You can turn off both the guest account and remote guest access in the Accounts pane of System Preferences in Leopard. Select Guest Account on the left, then uncheck both "Allow guests to log into this computer" and "Allow guests to connect to shared folders."
If you'd rather keep the guest account but limit its access to files and apps, keep "Allow guests to log into this computer" checked and click the Open Parental Controls button for options.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts