Computers, Laptops & Tablets Apple 26 26 people found this article helpful 5 Security Tips to Make Your MacBook a Mobile Fort Knox by Andy O'Donnell Writer Andy O'Donnell, MA, is a former freelance contributor to Lifewire and a senior security engineer who is active in internet and network security. our editorial process Andy O'Donnell Updated on February 21, 2020 Justin Sullivan / Getty Images News / Getty Images Apple Macs iPad Tweet Share Email It’s powerful, it’s shiny, and everyone wants one, including thieves and hackers. Your MacBook holds your world: work files, music, photos, videos, and a lot of other stuff you care about, but is your MacBook safe and protected from harm? Let’s take a look at 5 MacBook Security Tips you use to make your MacBook an impenetrable and unstealable mobile data fortress: 1. LoJack Your Mac Now to Recover It After It’s Been Stolen We’ve all heard about the iPhone and the Find My iPhone app, where users of Apple’s MobileMe service can track down their lost or stolen iPhone via a website by leveraging the iPhone’s location awareness capabilities. That’s great for iPhones, but what about your MacBook? Is there an app for that? Yes, there is! For a yearly subscription fee, Absolute Software’s LoJack for Laptops software will provide both data security and theft recovery services for your MacBook. LoJack integrates at the BIOS firmware level, so a thief who thinks that just wiping the hard drive of your stolen computer will make it untraceable is in for a real surprise when he connects to the net and LoJack starts broadcasting the location of your MacBook, without him even knowing it. Knock, knock! Who’s there? It’s not housekeeping! There is no guarantee that you will get your shiny MacBook back, but the odds are greatly improved if you have LoJack installed versus if you don’t. According to its website, Absolute Software’s Theft Recovery Team averages about 90 laptop recoveries per week. 2. Enable your MacBook’s OS X Security Features (Because Apple Didn’t) The Mac operating system, known as OS X, has some great security features that are available to the user. The main problem is that while the features are installed, they are not usually enabled by default. Users must enable these security features on their own. Here are the basic settings that you should configure to make your MacBook more secure: Disable Automatic Login and Set a System Password While it’s convenient not to have to enter your password every time you boot up your computer, or when the screensaver kicks in, you might as well leave the front door to your house wide open because your MacBook is now an all-you-can-eat data buffet for the guy who just stole it. With one click of a checkbox and the creation of a strong password, you can enable this feature and put another roadblock in the hacker or thief’s path. Enable OS X’s FileVault Encryption Your MacBook just got stolen but you put a password on your account so your data is safe, right? Wrong! Most hackers and data thieves will just pull the hard drive out of your MacBook and hook it to another computer using an IDE/SATA to USB cable. Their computer will read your MacBook’s drive just like any other DVD or USB drive plugged into it. They won’t need an account or password to access your data because they have bypassed the operating system’s built-in file security. They now have direct access to your files regardless of who is logged in. The easiest way to prevent this is to enable file encryption using OSX’s built-in FileVault tool. FileVault encrypts and decrypts files associated with your profile on the fly using a password that you set. It sounds complicated, but everything happens in the background so you don’t even know anything is going on. Meanwhile, your data is being protected so unless they have the password the data is unreadable and useless to thieves even if they take the drive out and hook it to another computer. For stronger, whole disk encryption with advanced features, check out TrueCrypt, a free, open source file, and disk encryption tool. Turn on Your Mac’s Built-in Firewall The built-in OS X Firewall will thwart most hacker’s attempts to break into your MacBook from the Internet. It’s very easy to setup. Once enabled, the Firewall will block malicious inbound network connections and regulates outbound traffic as well. Applications must ask permission from you (via a pop-up box) before they attempt an outbound connection. You can grant or deny access on a temporary or permanent basis as you see fit. We have detailed, step-by-step guidance on how to Enable OS X's Security Features All of the security features mentioned here can be accessed by clicking on the Security icon in the OS X System Preferences window 3. Install Patches? We Don’t Need no Stinking Patches! (Yes We Do) The exploit/patch cat and mouse game are alive and well. Hackers find a weakness in an application and develop an exploit. The application’s developer addresses the vulnerability and releases a patch to fix it. Users install the patch and the circle of life continues. Mac OS X will automatically check for Apple-branded software updates on a regular basis and will often prompt you to download and install them. Many 3rd party software packages such as Microsoft Office have their own software update app that will periodically check to see if there are any patches available. Other applications have a manual “Check for Updates” feature often located in the Help menu. It is a good idea to perform or schedule an update check on at least a weekly basis for your most used applications so that you aren’t as vulnerable to software-based exploits. 4. Lock it Down. Literally. If someone wants to steal your computer bad enough they are going to, no matter how many layers of defense you put up. Your goal should be to make it as difficult as possible for a thief to steal your MacBook. You want them to become discouraged enough to move on to easier targets. The Kensington Lock, which has been around for decades, is a security device for physically connecting your laptop with a steel cable loop to a large piece of furniture or some other object that is not easily moved. Every MacBook has a Kensington Security Slot, also know as a K-Slot. The K-Slot will accept a Kensington-type lock. On newer MacBooks, the K-Slot is located to the right of the headphone jack on the left side of the device. Can these locks be picked? Yes. Can the cable be cut with the right tools? Yes. The important thing is that the lock will deter the casual theft of opportunity. A would-be thief who breaks out his lock picking kit and Jaws of Life wire cutters in the Library to steal your MacBook will likely create more suspicion than if he just walked away with the laptop sitting next to yours that wasn’t tethered to a magazine rack. The basic Kensington Lock comes in many varieties and is widely available at most office supply stores. 5. Protect Your Mac’s Gooey Center With a Hard-shell Configuration If you are really serious about security and want to delve way down deep into your settings to make sure your Mac’s security is as bulletproof as possible, then surf on over to the Apple support website and download the OS X security configuration guides. These well put together documents detail all the settings that are available to lock down every aspect of the OS to make it as secure as possible. Just be careful that you balance security with usability. You don’t want to lock your MacBook up so tight that you can’t get into it yourself.