Apple @ Work: For a small business with no IT staff, here’s how to secure your Macs
Apple @ Work is brought to you by Mosyle, the leader in modern mobile device management (MDM) and security for businesses and education from Apple. More than 28,000 organizations use Mosyle solutions to automate the deployment, management and security of millions of Apple devices every day. Request a FREE account today and find out how you can put your Apple fleet on autopilot at a price that’s hard to believe.
The use of Apple products in the enterprise is growing at an unprecedented rate. the MacBook Air 2020 is still my daily drive, and it’s become mainstream in the business. The balance between power and battery life is amazing at the price point. Even among small businesses, the Mac is increasingly becoming a popular choice. As we saw with Apple’s latest Apple at Work video, startups love Apple as much as big corporations. However, small businesses may not have the dedicated IT support to keep their Macs secure. Here’s a roundup of tips and tricks for securing your Mac at work if you don’t have a dedicated IT staff.
About [email protected]: Bradley Chambers managed a corporate IT network from 2009 to 2021. With his experience deploying and managing firewalls, switches, mobile device management system, Wi- Fi enterprise, hundreds of Macs and hundreds of iPads, Bradley will highlight the ways Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management and ways Apple could improve its products for IT services.
Backing up your local files somewhere is an essential first step in securing your Mac at work. Personally, I would recommend a combination of strategies, however. The first is to set up Apple’s Time Machine backup using a external hard drive. You can plug it in once a day to keep a second copy of all critical files. Time Machine will be useful for recovering from hardware failure or accidental deletion. Consider getting two drives and keeping one in a second slot.
Second, Add a Backblaze subscription for all your Macs. For less than a cup of coffee a month, every Mac in your office can have offsite cloud backup. Backblaze’s application is lightweight and won’t slow down your Mac at all. The Backblaze addition follows a 3–2–1 strategy when paired with a few Time Machine disks:
- Three copies of your data
- Two slots
- One in the cloud
Every small business using Macs should have some sort of backup strategy. If you are only going to do one option, go for backblaze as it is a Set it and forget it type solution.
Enable FileVault 2
FileVault 2 has played a crucial role in securing local drives for business customers. It ensures that data stored locally on computers cannot be accessed if the machine is lost. It uses XTS-AES-128 encryption with a 256-bit key to ensure data cannot be accessed without permission.
FileVault first appeared in OS X Lion and is still used today. Small businesses can enable it under the Security & Privacy tab in System Preferences. There’s almost no performance loss, but there’s a lot of security gain. End users will probably never know they are using FileVault 2.
Enable the built-in firewall
macOS includes a firewall to block all incoming connections to your Mac. To enable it, go to System Preferences > Security & Privacy, click the Firewall tab, then click Enable Firewall. If you don’t have the option to enable it, look for the padlock in the lower left corner to unlock the option.
The firewall has several options that you can customize:
- Block all incoming connections, regardless of application.
- Automatically allow the built-in software to receive incoming connections.
- Automatically allow downloaded and signed software to receive incoming connections.
- Add or deny access based on user-specified applications.
- Prevent the Mac from responding to Internet Control Message Protocol (ICMP) probing and port scan requests.
Add a second user account
When setting up your Mac for the first step, you will have only one user account. I always recommend adding a second account as a backup in case something happens to your original account (corrupted, locked, etc.). It’s handy to have a second one that you can access if you’re in a bind.
You can add a second account in System Preferences > Users & Groups.
Stay up to date on all macOS updates
Generally, the latest version of macOS is considered the most secure. In System Preferences > Software Updates, you can check that you are using the latest version of macOS. I recommend checking the box to automatically keep your Mac up to date.
Although the Mac is very secure, if you install an application that contains malware, you might end up with a compromised computer. My favorite malware checking app is CleanMyMac X by MacPaw. It contains a host of good troubleshooting tools, but its anti-malware tool is well done. It’s worth having all of your Macs in your small business to make sure they’re clean.
These tips are some basic ways for a small business without dedicated IT staff to keep their Macs running at full speed and efficiency. Make sure your computers are always backed up, up to date, and free of malware – and you’ll be ready to get to work.