eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
1Create a Non-Admin Account
2Use a Secure Web Browser
Users should look for a browser that contains a sandbox and has a strong track record of quickly fixing security issues, Raiu said. He recommends Google’s Chrome for several reasons, including the fact that it’s updated more often than Apple’s built-in Safari browser. It also has a sandboxed version of Flash Player, which creates significant hurdles for malicious exploits.
3No Standalone Flash Player
4Ditch Java
Like Flash Player, Java is a popular target for exploit writers who want to plant malware on systems. Kaspersky suggests uninstalling Java from the machine completely. A problem, Raiu said, is that Apple doesn’t let Oracle update Java for Mac completely. Instead, Apple officials do the updating themselves, and usually several months late. That means the window of exposure for Mac users is much longer than for PC users. If a user must use Java for specific applications, they should at least disable Java in Safari and other Web browsers.
5Update and Patch When Necessary
Many of the recent attacks against Mac OS X have taken advantage of old or outdated software. Among the most commonly exploited suites are Microsoft Office, Adobe Reader, Acrobat, and Java. That said, there are other applications that also can be abused. Whenever a user sees Apple’s “Software Update” prompt, they should apply the fixes and reboot the systems when necessary.
6Use a Password Manager
Included in Mac is a built-in password manager, called the “Keychain,” which can help deal with phishing attacks. When possible, users should generate unique, strong passwords for their resources and keep them in the keychain instead of relying on simpler passwords that are easier to remember. When a cyber-criminal compromises an account, they will immediately try the same password in other places, like Gmail, Facebook, eBay, etc. Having a strong, unique password on each resource will boost a user’s online security, Raiu said.
7Use a Password Manager
Included in Mac is a built-in password manager, called the “Keychain,” which can help deal with phishing attacks. When possible, users should generate unique, strong passwords for their resources and keep them in the keychain instead of relying on simpler passwords that are easier to remember. When a cyber-criminal compromises an account, they will immediately try the same password in other places, like Gmail, Facebook, eBay, etc. Having a strong, unique password on each resource will boost a user’s online security, Raiu said.
8Enable Full Disk Encryption or FileVault
9Upgrade Adobe Reader
10Install a Good Security Solution
The idea that Macs don’t get viruses should be buried by now, Raiu said, given the growing number of attacks, such as the recent Flashback Trojan. Now, Mac users must install a strong security solution on their systems.