Secure

We believe that you should be able to use your Mac knowing that you are safe from outside risks. You should be using discrete passwords for every site you visit, particularly those storing credit card or personal information. A firewall that works, particularly on a laptop is essential. For your email, you need a dedicated password that is not being used for any other purpose.

We all use email; it has become a key communication medium in the digital word. However, it is becoming increasingly clear that most email is anything but private! Our best practice is to:

• Use a dedicated password(s) for your email account(s). Do NOT use this password(s) for anything else.
• Consider having multiple email accounts and only use your ‘personal’ email address for friends and family. Use a second (or additional) email address(es) for all web site registration and sign-in.
• Enable the Secure Sockets Layer (SSL).
• Encrypt your email to friends and family. This is relatively simple to do, but requires the other party to follow the same steps. If you send and receive email on your iOS device(s), you will need to copy your security certificate and keys to each iOS device. To test your S/MIME encrypted email, please email us here at ask@themacengineer.com. We will reply to confirm that your encryption is working.

Most of us have a router (wired or wireless) at home that provides an effective firewall. However, if you are a laptop user that uses your machine outside the home, you need to set up a software firewall too. Our best practice is to:

• Ensure all remote management options on your router are disabled (the default).
• Ensure all router ports are closed. Again, this should be the default setting.
• Use dedicated firewall software on any laptop and make sure it is operating.

Apple provides all sorts of tools to secure your Mac. Use them! They are simple and very effective. Our best practice is as follows:

• Always require a user password on restarting your Mac.
• Disable all 'guest' logins
• If you have multiple users in your home, give them each their own user name and password.
• Use the 'FileVault' to secure important personal information (like your passwords!)
• Do not use an 'Admin' user account for 'everyday' Mac use.

Ten years' ago it may have been acceptable to have a few Internet passwords that you used across multiple websites. Today it is imperative that you use a unique and complex password for every site that holds any of your personal information. Our best practice is to:

• Use a unique (different for every single site) and complex (15 to 30 characters using upper case, lower case, punctuation and numerals) for every website that has access to any personal information. Use the longest and most complex passwords for your bank account, credit cards, etc.
• Make sure your email password is also unique. Depending on how your email is configured, this password may be transmitted 'in clear' every time you check for new email.
• Do not keep a copy of your passwords anywhere that is not totally secure and/or encrypted.
• Use iCloud or other reputable password management software to generate and manage your passwords.

This may sound like something from a Bond film, but the reality is that today some websites use so-called 'tracking cookies' that actively monitor the sites that you visit. Our best practice is to:

• Use reputable third-party software to scan your Mac every day for any tracking cookies or other spyware.
• Keep the cookie and spyware definitions up to date.

Here is an example of why you need to pay attention. This is doing the rounds at the moment. Following the link adds a trojan to your system. This is a real funeral home in Texas that has nothing to do with this email!

The reality is that everywhere you go on the Internet, you leave a digital trail that is easy to access (as is clear in the press at the moment). Each website you visit can see your IP (Internet Protocol) address (think of it like your Internet phone number). They can tell which country you are in, your Internet provider, the browser you are using, etc. Some websites (the BBC for instance) only provide full functionality to those with specific country IP addresses (The BBC requires you to have a UK IP address to use their Red Button functionality). Through the use of a VPN (Virtual Private Network) it is possible to appear to be based in almost any country you choose. The use of a VPN offers the added benefit of totally concealing your Internet digital trail.

We have all come to depend on wireless networks. It seems we increasingly use them for everything from surfing the Internet to controlling our thermostats and refrigerators! However, they can provide access to our home computers to anyone with a modicum of technical knowledge (like the neighbors kids!). It is important that your wireless box is correctly set up. Our best practice is as follows:

• Make sure your network name (known as the SSID) is set to something that nobody can tie back to you. Do not use your street address, name, child's or dog's name. Choose a network name that is totally random.
• Make sure that WPA2 encryption is enabled and that your password is not too easy to remember. It may be tempting to have a password that your kids can remember, but you want to control who has access to your network. Remember, the next aspiring hacker may live nearby!
• If you are using a new Apple router, enable the guest network and only ever let guests and visitors join this network.