Cisdem Learning Resource Center

Top 6 Tips About Security and Privacy in Mac OS X El Capitan

Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services. And we continue to make improvements.” -- Tim Cook, Apple CEO

These years, Apple has been committed to tightening security in OS X. In the new OS X El Capitan, though there are relatively minor new features, security seems the biggest change Apple made this time. Let's go through the main new security and privacy features in OS X El Capitan firstly. Then we talk about more tips for better El Capitan security.

New Security and Privacy Features in OS X El Capitan

Security Integrity Protection: Root Has No Power Here

It's true that Apple has made improvement by the new feature - Security Integrity Protection (SIP), also called rootless. It is claimed to be a necessary step to ensure a high level of security. Security Integrity Protection aims to protect users from malicious code infecting the operating system by preventing the modification or removal of certain system files even by administrative overrides. By locking down the main system Apple will scupper the attempts of any malware to gain access to files, folders, running processes and system apps. To put it in brief, you can't modify these core files, neither can malware or hackers.

To summarize, SIP means that:

  • Core system files cannot be re-written, even by root users.
  • Injecting code into protected processes is no longer permitted by the system.
  • Only signed kernel extensions can run – no exceptions.

For most Mac users who don't customize anything or even use basic OS functions like tags in Finder, it is of course excellent to have a feature preventing malicious software. However, to those who want intense customization for their work environment, it is a little bit annoying. It will no longer be the case that administrators no longer have the root access, and change anything in the root System folder, or in a few hidden folders, such as /bin, /sbin, and /usr.

mac security

On the other hand, this feature is undoubtedly a big headache to Mac app developers like SuperDuper. Since they're blocked from editing or writing to certain protected files and folders within OS X, they have to try hard to adapt to the new way of working.

Mac OS X El Capitan's rootless "feature" is your parents trying to ground you when you're 30 and own your own house. - - User from Twitter

Two-Factor Authentication: Additional Layer of Security for Apple ID

Two-factor Annunciation in El Capitan is regarded as an optional additional layer of security for your Apple ID that is designed to prevent unauthorized access to your account. Once users enable this feature, they can then set up at least one OS X device as“trusted devices”. These devices appear in a list in your Apple ID account and can be removed from there. Whenever users sign in with Apple ID on a new device or browser, they will need to also verify by entering password and a six-digit verification code displayed on devices that have already signed in. That's to say, your password alone is not enough; you need to have information that is sent to you or generated on a trusted device. And if both should be lost, such as when a trusted device is stolen, an Apple ID is irretrievable.

If you enable two-factor authentication, iTunes purchases on Mac and Windows will require you to append a 6-digit code to the end of your password on every purchase. The 6-digit code will automatically be sent to your iOS 9 or OS X El Capitan devices.

It's a good idea have the two-factor authentication turned on, especially now that the process is a bit simpler. Note that you should be running OS X El Capitan and iOS 9 on all your devices.

Two-Factor Authentication

App Transport Security: Secure Network Connections

App Transport Security (ATS), in both iOS 9 and El Capitan, requires an app add a declaration to its Info.plist file that specifies the domains with which it needs secure communication. If your application attempts to connect to any HTTP server that doesn't support the latest SSL technology , your connections will fail. This will help prevent accidental disclosure and provides secure default behavior.

App Transport Security enforces best practices for secure network connections and is enabled by default when using NSURLSession, NSURLConnection, or CFURL. It is great thing to have App Transport Security on so that it can protect personal data from being compromised over insecure wireless connections.

Top 6 Tips for Better Security and Privacy Protection in El Capitan

Run a Two-way Firewall (Outbound/Inbound Protection)

The firewall in OS X is a network filter that allows you to control which programs and services can accept incoming connections. It is a good option to enable if you’re connected to a public Wi-Fi network, such as one at a cafe, library, or other hotspot. But did you know inbound firewalls only protect against certain kinds of attacks?

With the increasing frequency of new malware and various of targeted attacks, the best defense is to implement multiple layers of protection. The function of the inbound firewall is obviously not enough. You're recommended to make use of outbound firewall applications to alert you about a piece of software that you know full well you downloaded, but didn't think would be connecting to the Internet.

Create a Non-admin Account for Daily Use

An admin account can be used to change or delete files and also install any software. It is useful, and also risky, if the software is malicious. It is therefore necessary for Mac users to create a non-admin account for everyday activities in order to protect from some types of malware and prevent you from blundering by deleting files that you didn't mean to erase.

Create a Non-admin Account

 

You'd better also disable automatic login for this account. Try to go to the Users and Groups pane of System Preferences, and click on Login Options; you'll then see a menu that lets you choose which user logs in automatically at startup, or you can choose Off from this menu.

 

Encrypt Your Apps to Avoid Prying Eyes

Apple comes with FileVault for users of OS X 10.7 (Lion) or later, allowing them to have their data made irrecoverable in an event of theft, loss, physical compromise. To enable FileVault, first make sure you have logged into OS X with an administrator's account, and go to System Preferences > Security & Privacy > FileVault. Once there, press Turn on FileVault.

However, there's no built-in ability to lock individual apps. Try to use a third-party app encryption software mac. Cisdem AppCrypt is a preferable choice to safely encrypt Mail, Safari, Evernote, your favorite photo applications, iTunes, YouTube, Mac App Store and any other applications.

appcrypt

 Check for System and Apps Update Regularly

There is a built-in tool in OS X called“Software Update” to help keep everything updated. Try to access it by clicking on the Apple menu in the menu bar. For the updates themselves, it is always recommended to show details and review the items prompting to be installed; for the most part the user is safe but it can never be assumed.

Mac OS X has a built-in software update tool, called Software Update. You can access this by clicking on the Apple menu in the menu bar. When you launch this program, it will check Apple's servers to see if any Apple software updates are available. It's a good idea to to run "Software Update" and patch your Mac promptly when security updates are available.

Use a Mac Anti-Virus and VPN Software

There is no doubt that downloading files and exchanging files with others is fraught with risks. Though it seems that OS X does its best to protect the data, a good Mac anti-virus program is still necessary to help effectively prevent malware from loading, whether you make a bad choice of software to install, or visit a booby trapped website by mistake. It's also a good idea to keep your virus definitions up-to-date.

Besides, if you absolutely must go shopping online and only have access to public Wi-Fi, such an at an airport, a coffee shop, or some other location on a free, public Wi-Fi network, consider making use of a VPN software to ensure your data privacy.

Back Up Your Data

Data security is an important issue. Apple makes hard backups incredibly easy with Time Machine, a built-in feature that regularly backs up your entire system onto an external hard drive. It enables you to recover lost files on Mac easily. Be sure to keep good, up-to-date local and remote backups. Time Machine is a big help with local, but not remote backups.

Besides, you can also synchronize files between two Macs, so that each machine has the latest, most updated files, as well as create a bootable backup in case you're having system problems and can't access your files.

time machine

2015-11-30 23:10:54 / Posted by to Mac App Blocker Follow @ Peter

Related Cisdem Recommendations

Contact Manager Mac

Remove duplicate contacts, resolve contacts conflicts, and export Mac contacts to CSV, vCard, Excel, etc. Learn More

DVD Burner Mac

Burn any video to DVD on Mac including: MP4, AVI, VOB, 3GP, FLV, MOV, MTS, M2TS, WMV, MKV, M4V,etc. Learn More

More Related Articles You May Like

  • My Mac Got a Virus! Here Helps You Remove it and Keep Your Mac Safer

    A number of Mac users only heard malware infected Windows system and they believe Mac is powerful and safe enough that you are not going to notice any real performance decrease. However, is this really the case? Unfortunately, not! Malware does exist on the OS X platform. In this post, we will teach you how to remove virus on Mac and keep your Mac safer.

  • How to Secure Your Mac in Public Places

    Most of the time, you need to use Macs in public places like coffee shops, hotels or airport. Many thieves want to steal your Mac and many hackers choose to attack the public Wi-Fi. So you’ve got to protect our Macs, whether from physical theft or the hacker who’s trying to flip through your iTunes library (or worse). In this article, we will show you how to secure your Mac in public places.

  • Eight Essential Tips to Improve iPhone or iPad Security and Privacy in 2017

    Security and privacy is very important to us and the value of them is very high, that’s why we've enacted reams of laws to protect ourselves against its invasion, criminally and civilly. Legal protection of privacy is not enough, we have to take action by ourselves to increase and improve security and privacy. In this article, we will show you eight essential tips to improve iPhone or iPad security and privacy.

2 Responses

  • Vicky Leblanc

    Though Mac spend much to protect Mac, it seems that the attacks never stop.

    1 years ago REPLY
  • Stewart9

    It must be a welcome improvement to have Two-factor Annunciation in os x 10.11...Anyway, thanks for sharing these useful tools.

    1 years ago REPLY

Leave a Reply

Top OS X Articles

Get Inspired!

Sign up for Cisdem newsletters, stay informed on the latest products news, the hottest deals, and our holiday special sales.