Surfing the web can leave you open for security issues, and though Macs are good at keeping you secure, nothing is foolproof. Because no machine is 100 percent safe, you should be aware of the associated risks, regardless of what you use.
When keeping your Mac secure, make sure that you stay up to date on new security threats. Updates are always available, and as new security threats are undercovered, there are generally an array of fixes and temporary changes that are available that allow you to take control before other issues are found. It is important to stay in the know to ensure the best safety as new things emerge all of the time.
Make sure that your Mac is subscribed to Apple’s Software Update, and each time there is a security update, take advantage of it. This makes sure that you have the fixes when they become available, so that way you are aware of when issues need to be fixed.
You should also stay updated with online and offline sources, such as user groups, Twitter feeds, and other sources that keep you posted about security issues, give you the details on protection possibilities, and ensure that any updates are legitimate. Im addition, if you’re using apps that are downloaded from other parties, double check that they are secure and update when needed.
Another tip is to use a personal firewall. A personal firewall controls network traffic that runs to and from a computer, and allows (or denies) any communications based on specific security policy. This will keep you safe, assuming it is fully enabled for logging, and that way you can use an app to analyze the log to highlight any issues that might arise.
As everything in life, a good password will get you far. No longer will “password” or “1234″ cut it, but really, has it ever? Choose an alphanumeric code that is hard to guess, and Apple offers a built-in password assistant, which is found in the Keychain. The Keychain Access app is a front-end to the password management system that stores passwords for email, websites, networks, disk images, servers, notes, and more, making accessing and storing passwords seamless. Also you can research and download a Mac Keylogger.
Keeping it confidential is also key, so be sure not to send confidential information regularly by email. Assume that all emails aren’t safe unless proven otherwise, so be picky with what you’re opening as an attachment. Most often, attachments in email messages include viruses, unless you know the sender, and always double check that the context of the email matches up with the person’s attachment (or that they mentioned there is one attached. Even more, never click on links that are sent in an email message (again, unless relatively verified by the sender. When you don’t know the sender, it is generally sent by a “phishing website” that is trying to snag personal information from you. To avoid this, type URLs right into the browser, use bookmarks when possible, and only click on links from reputable people with reputable sites. Getting anti-virus applications also help. Though Mac-specific viruses are rare, anti-virus apps can help in odd instances.
Keeping your Mac’s goods will also help, so if you can keep it confidential, even better. Though it is simple to share iTunes music, iPhoto pictures, printers, and more, it is safer to use them just for your own or restrict the access to a couple machines in your home or office. Securing your wireless access via your AirPort is also important. You can change your router’s password often, and don’t allow it to be administered via the Internet when you are out of the home.
General security note: You should always have as many levels of defense as you can, just like in the physical world. Think of the crown jewels in a locked box in a secret, guarded room in a guarded castle with high walls, a draw-bridge and a crocodile-infected moat. From an Internet security point of view, think of good physical security (castle optional), a router-based firewall, personal firewalls, all services off by default, good passwords for any services you do offer and encryption of critical data.