07/14/2008, 4:35pm, EDT
Monday, July 14th
10 tips on securing a MacBook against data theft
Security firm Sophos has published a new list of 10 recommendations, specifically on the topic of safeguarding MacBook data. The company notes that while Windows systems are more prone to attack as the more popular format, Macs are still vulnerable, particularly when mobile ones are brought out in public. In this regard the company notes that the best protection is to simply leave data or a computer at home, unless it is absolutely necessary. When browsing at a cafe, for instance, data can be stolen simply by reading over someone's shoulder.
When a MacBook is out, it is recommended that users separate their Keychain passwords from their login passwords, by picking "Change password for Keychain 'login'" from the Keychain Access application. This forces Mac OS X to ask for a password whenever a Keychain entry is required. Along the same lines, it is suggested that instead of regular notes for important information, Secure Notes should be created through Keychain Access.
The home directory of a hard drive should be protected by FileVault containers, Sophos suggests, and other contents can encrypted through special disk images under the Disk Utility. Other tips include using the Secure Empty Trash command, which erases a file several times over, and checking "use secure virtual memory" under the System Preferences' Security options.
Some of the best security may come in the form of setting a firmware password, though Apple has, in some cases at least, hidden this option with the "/Volumes/Mac OS X Install
Disc 1/Applications/Utilities" folder. Finally, people are expected to use a password-protected screensaver whenever they step away from a MacBook, and possibly set an automatic logout timeline, which may keep thieves out of Mac OS X entirely.
Filed under: security
Other story tags: MacBook, FileVault, keychain
, 
, 4
, 
, 
, 
, 
, 
Top
subscribe to comments
for this article
automatic logout timeline
"and possibly set an automatic logout timeline, which may keep thieves out of Mac OS X entirely."
What is an "automatic logout timeline"?
Woah
Most of this is very extreme and comes at a great price. FileVault, for instance, has caused terrible problems on a number of computers I've seen, and requires at least double the amount of space the user folder uses up just to disable (making that nearly impossible for many users). Really, none of it's going to make a difference in the end if you're up against someone dedicated, and if they're not, then just using your computer in a smart way (i.e., don't do secure things on public Wifi) will deter them.
Scaremongering, really, in my opinion.
Screen lock tip
The report contains a handy hint. Instead of using a screen-saver hot corner to lock your screen, you can go to the Keychain Access program, open Preferences, and choose "Show status in menu bar." That puts a lock icon in your menu bar, which you can click to lock your screen. I like that better than a screen-saver hot corner.