In our last article, we looked at the built in firewall that is part of Max OS X. Needless to say, one of the most important aspects of security is the physical security of your mac.
The Basics
A majority of creative professionals (and other Mac users) – these days – have access to, or mainly work from a mobile platform. Be that a Mac Book, Mac Book Pro, Mac Book Air, iPhone or (dare I say it) a windows machine, or other type of mobile device, one thing that is normally overlooked is the physical security of this device.
To put this into a perspective, the following story is about a colleague of mine who is an avid Mac user, albeit, a trusting one.
Whilst on location in the USA for a recording gig, he mistakenly left his laptop in the studio and stepped out for lunch. Three minutes later, Laptop has gone including 7 months worth of demo recordings and music scores.
The short end to this story, the Laptop was taken by a cleaner (a contractor – not the normal cleaner) – but that wasn’t the crunch point.
On the way out, the cleaner panicked and dropped the laptop into a bin while running out the door. The data was recovered, but the recording session was pushed back by 3 months due to data recovery and politics.
On the road
Having the privilege of working a lot on the road, there are usually 3 things that are always in the back of my mind when I take my bag out of my car.
- Where is my Laptop
- Where is my iPhone
- Where is my wallet.
Usually in this order.
Depending on where I am – usually I always know where my wallet and iPhone is. My laptop usually never leaves my line of sight or my physical presence (about 2 meters within and around me).
Now, all of this is pretty straight forward, but let’s talk about some of the other aspects of security with the mac.
The Key Chain.
The Mac OS X keychain provides a convenient, secure repository for your various user names and passwords. While it’s a good security practice to use a unique password for each resource, most people find it impossible to remember so many passwords.
Use a single login password to unlock your keychain and authenticate automatically to file servers, FTP servers, websites, your email accounts, encrypted files, and other password-protected resources.
There’s no need to enter—or even remember—the user name and password for each resource. You can choose which items to store in your keychain or require specific applications to request authentication, even if your keychain contains the necessary information.
In addition to passwords, keychains can be used to store notes and other confidential information, such as ATM and credit card PINs.
You can even create multiple keychains to store passwords for different purposes— for example, one for work and one for online shopping—or copy your keychain from one computer to another.
The keychain securely stores user names and passwords. All the password data in the keychain is protected using the Triple Digital Encryption Standard (3DES).
For added protection, Mac OS X locks your keychain when you log out.
You can also set Mac OS X to lock your keychain when the system sleeps or after a specified time of inactivity, and you can lock your keychain manually at any time.
If you store your home directory on a network server, your keychain remains safe. This is because all keychain information is decrypted only on the local client system as applications request it; it is never transmitted over the network.
You can also synchronise the keychains on all of your Mac systems with iSync.
The important bits.
In the third article of this series, we spoke about good password security. Needless to say, having all of your passwords and information stored in your keychain is pretty useless if you don’t use strong passwords to protect your keychain and hence, your Mac in general.
Walking away.
Another part to good security is protecting your mac when you are physically away from the machine for any length of time. (For another coffee perhaps?)
The Keychain and security features built into Mac OS X can provide this with ease.
Enabling the keychain.
First of all, you will need to set up you keychain preferences for this to work. Open you keychain and go to the preferences screen. Then check the “Show Status in Menu Bar option” as below.
Next, within your task bar your keychain Lock icon will be available. As below.
From here, there is a multitude of Key chain options that are available including the “lock screen” option.
Selecting this will automatically launch your screen saver and lock your screen – requiring a password to log back into your mac – as long as your security settings are correct.
To check your security settings, open system preferences and select the security option. On the general tab you will need the correct boxes ticked as follows – for this to work.
Enabling an automatic lock.
To enable automatic locking of your mac, you should also have your screen saver enabled so that automatic locking is enabled by default – as per the first option in the diagram above.
The final pieces of the Key Chain puzzle.
In, closing, there is one more piece to the Key Chain puzzle that needs to be enabled for good security. In your keychain, go to the edit menu and choose “change settings for keychain login”. Within this window, you will need to tick the first two boxes and set the time out.
Enabling these also ensure that your keychain automatically locks after 5 minutes of inactivity. So, even if your laptop or mobile device is stolen, it will make it extremely difficult for people to access your passwords and other hidden settings.
In our next article, we look at more of Mac OS X’s security.
Warm Regards,
Scott Malpass
Aquafruit Media.
Mac OS X – inherently secure? .. Part 6
In our last article, we looked at the built in firewall that is part of Max OS X. Needless to say, one of the most important aspects of security is the physical security of your mac.
The Basics
A majority of creative professionals (and other Mac users) – these days – have access to, or mainly work from a mobile platform. Be that a Mac Book, Mac Book Pro, Mac Book Air, iPhone or (dare I say it) a windows machine, or other type of mobile device, one thing that is normally overlooked is the physical security of this device.
To put this into a perspective, the following story is about a colleague of mine who is an avid Mac user, albeit, a trusting one.
Whilst on location in the USA for a recording gig, he mistakenly left his laptop in the studio and stepped out for lunch. Three minutes later, Laptop has gone including 7 months worth of demo recordings and music scores.
The short end to this story, the Laptop was taken by a cleaner (a contractor – not the normal cleaner) – but that wasn’t the crunch point.
On the way out, the cleaner panicked and dropped the laptop into a bin while running out the door. The data was recovered, but the recording session was pushed back by 3 months due to data recovery and politics.
On the road
Having the privilege of working a lot on the road, there are usually 3 things that are always in the back of my mind when I take my bag out of my car.
Usually in this order.
Depending on where I am – usually I always know where my wallet and iPhone is. My laptop usually never leaves my line of sight or my physical presence (about 2 meters within and around me).
Now, all of this is pretty straight forward, but let’s talk about some of the other aspects of security with the mac.
The Key Chain.
The Mac OS X keychain provides a convenient, secure repository for your various user names and passwords. While it’s a good security practice to use a unique password for each resource, most people find it impossible to remember so many passwords.
Use a single login password to unlock your keychain and authenticate automatically to file servers, FTP servers, websites, your email accounts, encrypted files, and other password-protected resources.
There’s no need to enter—or even remember—the user name and password for each resource. You can choose which items to store in your keychain or require specific applications to request authentication, even if your keychain contains the necessary information.
In addition to passwords, keychains can be used to store notes and other confidential information, such as ATM and credit card PINs.
You can even create multiple keychains to store passwords for different purposes— for example, one for work and one for online shopping—or copy your keychain from one computer to another.
The keychain securely stores user names and passwords. All the password data in the keychain is protected using the Triple Digital Encryption Standard (3DES).
For added protection, Mac OS X locks your keychain when you log out.
You can also set Mac OS X to lock your keychain when the system sleeps or after a specified time of inactivity, and you can lock your keychain manually at any time.
If you store your home directory on a network server, your keychain remains safe. This is because all keychain information is decrypted only on the local client system as applications request it; it is never transmitted over the network.
You can also synchronise the keychains on all of your Mac systems with iSync.
The important bits.
In the third article of this series, we spoke about good password security. Needless to say, having all of your passwords and information stored in your keychain is pretty useless if you don’t use strong passwords to protect your keychain and hence, your Mac in general.
Walking away.
Another part to good security is protecting your mac when you are physically away from the machine for any length of time. (For another coffee perhaps?)
The Keychain and security features built into Mac OS X can provide this with ease.
Enabling the keychain.
First of all, you will need to set up you keychain preferences for this to work. Open you keychain and go to the preferences screen. Then check the “Show Status in Menu Bar option” as below.
Next, within your task bar your keychain Lock icon will be available. As below.
From here, there is a multitude of Key chain options that are available including the “lock screen” option.
Selecting this will automatically launch your screen saver and lock your screen – requiring a password to log back into your mac – as long as your security settings are correct.
To check your security settings, open system preferences and select the security option. On the general tab you will need the correct boxes ticked as follows – for this to work.
Enabling an automatic lock.
To enable automatic locking of your mac, you should also have your screen saver enabled so that automatic locking is enabled by default – as per the first option in the diagram above.
The final pieces of the Key Chain puzzle.
In, closing, there is one more piece to the Key Chain puzzle that needs to be enabled for good security. In your keychain, go to the edit menu and choose “change settings for keychain login”. Within this window, you will need to tick the first two boxes and set the time out.
Enabling these also ensure that your keychain automatically locks after 5 minutes of inactivity. So, even if your laptop or mobile device is stolen, it will make it extremely difficult for people to access your passwords and other hidden settings.
In our next article, we look at more of Mac OS X’s security.
Warm Regards,
Scott Malpass
Aquafruit Media.