Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Safe and sound: securing Mountain Lion

Neal Wise | April 18, 2013
Let’s have a look at what basic steps we’d recommend to secure a Mountain Lion installation. These are similar to what we’ve done in the past with Lion, Snow Leopard and so on, but subtle changes to System Preferences may have added, removed or relocated some of the security controls we previously considered.

With the 'List of users' option, you may have had the guest account enabled or an account created by an application (any MacPorts users?) or you may have other accounts available. In the case of multiple accounts, there may be one or more with weak passwords assigned.

So let's talk about passwords. There's lots of good advice on passwords out there. And there's heaps of bad advice. And, worse, sometimes technology stores passwords weakly and this can lead to the compromise of even well-selected passwords.

Aim for something memorable with the usual recommendations for making the password complex: mixed upper/lower case letters, some numbers and symbols and 10+ characters if you can manage that.

So what about permitting use of your Apple ID to reset your Mac password? That's been an option for a few releases of OS X. We're reluctant to trust using an Apple ID for so many important things - iTunes with a credit card potentially associated with the account and iCloud email if you use it - as well as permitting you to use it to reset your account on your Mac.

Some quick tips: use a low-value iTunes pre-paid card with your iTunes account to prevent surprises and change your Apple ID password frequently (every 30, 45 or 90 days depending on your paranoia quotient).

It's worth noting that if you have any accounts on you Mac with Parental Controls assigned, including using Simple Finder, there are certain Mountain Lion features that can't be disabled, which may cause annoyances. These include disabling the availability of Mountain Lion Notifications to the managed users.

SECURITY & PRIVACY
SYSTEM PREFERENCES

The primary place we can control most security features of Mountain Lion is in the Security & Privacy System Preference pane. From this System Preference we can specify security configuration for your Mac's behaviour for locking the screen, encrypting your Mac's hard drive or SSD, configuring the firewall and specifying privacy protections. Some of the configuration options - changing password and disabling automatic login for example - are a bit redundant since they're also in the Users & Groups preference pane.

Immediate action. In the Security & Privacy System Preferences Pane, you can enable a password requirement to prevent unauthorised access to your Mac.

First, let's look at the Advanced options. These options used to be on the first panel of Security & Privacy, but are a little more hidden. Probably because they're not something you change often (but they are important). Select 'Automatically update safe downloads list' from the menu under the Advanced button of the Security & Privacy preference pane.

 

Previous Page  1  2  3  4  5  6  Next Page 

Sign up for CIO Asia eNewsletters.