As no system is perfect, completely hacker-proofing your Mac is practically impossible, but this doesn't mean that you shouldn't at least try. Even a small hint of effort on your part could deter a lazy cyber-criminal who is simply looking to pick off easy targets. Here are some simple yet very effective ways to keep your Mac safe from those who are looking to steal your data or bypass the security that you have in place.
Don't give hackers an easy way into your Mac
The first thing that you need to know, before you even turn on your Mac, is that connecting to the Internet through a router is safer than using a cable directly, so if you can - use one. Also, a lot of people don't bother with even the most basic security settings and that gives cyber-criminals an easy way in. Don't be one of those people: secure your Mac with strong passwords for the administrator account as well as for the other user accounts that you create. I said strong passwords, so be a little bit more creative than 'password' or '123456'. Also, if you aren't too bothered by it, it's recommended that, for your everyday chores, you log in with a user account and not with the administrator one. In case a hacker weasels his way into your computer, at least he won't be able to make any major changes and gain even more access. Lastly, don't enable the auto-login feature for your user accounts. I know it's much more convenient than the alternative, but it also poses a huge security risk.
Avoid silly mistakes
The most common method used by hackers to gain a foothold into your Mac is through an email attachment. If you aren't completely sure that the attachment / URL address (web link) that you received via email is 100% trustworthy, don't click on it. Even if the respective message is coming from a friend, it may have been sent without his or her knowledge so you should contact the sender before opening it. Another common tactic for cyber-criminals is to make you download malware into your computer so be very careful about the files that you download and open or install on your Mac. Lastly, this one is very important so pay attention, whenever you are filling out a form which holds highly confidential data, such as bank accounts, social security numbers, etc. - make sure the address starts with https, not with http. (Example: https://www.paypal.com/ro/webapps/mpp/home). That "s" at the end means that the connection is secure and the data will be encrypted before being sent over the Internet.
Secure Your Browser
OS X is one of the most secure operating systems that you can ever find and most of the malware that affected it usually had something to do with Java extensions in the web browser. So if you don't use it constantly I recommend disabling Java from your browser. (And even if you need it, you can easily switch it back on and use it only for as long as you absolutely need to). Here's how to disable Java in various browsers:
- Safari - go to Safari --> Preferences --> Security and uncheck the box marked Enable Java. (To turn it back on, repeat the steps and check the box)
- Chrome - first, type about:plugins in your address bar (where you write the addresses of the websites that you want to visit). Now find the entry marked Java (it will say something like Java Plug-in For NPAPI Browsers) and click the Disable button.
- Firefox - navigate to Tools --> Add-ons --> Plugin, click on the one named Java Embedding Plugin and press the Disable button.
Encrypt your data with File Vault and enhance security with firmware passwords
In case you use Yosemite, you probably already have File Vault working since you were asked if you want to turn it on during the installation process of the OS. In case you aren't familiar with the name, File Vault is a tool embedded in the Mac operating systems (built-in), which encrypts the data on your hard-disk, so even if a hacker makes his way into your system he won't be able to access your files without the right password. To turn on this feature or check if it's already running go to System Preferences --> Security & Privacy and select the FileVault tab. If it's already on, you will see a text that confirms it and tells you the disk that it is protecting. If it's not and you want to turn it on, click on the lock from the bottom-left corner and input your admin name and password. Once that is done, you will receive a recovery key which you will need to be very careful with as it is the only way to change your password in case you forget it or it gets stolen. Once that is done, simply reboot your system and the tool will automatically start to encrypt your files (you can still do your thing, while it works in the background).
The only problem with File Vault is that (in case someone really wants to harm you) he or she can still use the Recovery Mode to delete your entire hard disk. To make sure this doesn't happen, you need to set up a firmware password which will lock the Recovery Mode for anyone except those who have the key. To do this you will need to go to Recovery Mode (restart your Mac and choose the mode after holding Command-R). Once in the OS X Utilities menu go to Utilities --> Firmware Password Utility select Turn On Firmware Password, then enter the password that you want to use (very important, make sure you don't lose it). Now, quit the OS X Utilities, restart the Mac and everything will be in place.
Other Basic Things
Other simple things that you can do to keep yourself safe are making sure that your Mac is always up to date with the latest patches and fixes by turning on the automatic updates, enabling the built-in firewall (in case you aren't already using a third-party one) and installing antivirus software to keep you protected at all times.