Have you ever seen this Online Safety Practices info-graphic? It shows the difference between what experts and non-experts think you should do.
The non-experts toolkit consists of things we learned at our Mama's knee like "user Anti-virus software" and "Change passwords frequently". And it turns out that most of these things don't hold water anymore.
Anti-virus software is more likely to slow your Mac down and potentially be the source of evil - especially if you respond to slick ads for Mac "fixer-upper" software like MacKeeper (see below).
Big I.T. departments that forced people to change passwords to a new gobbled-gook string every 6 weeks just succeeded in getting everyone's password onto a sticky note on their computer that every other employee can read!
What should you really be doing?
1) Keep Software Patched
By this we mean keep your existing OS and applications fully updated for security patches.
What's the best way to do this? Well, if you are a Precursor Systems Support Plan customer all you need to do is log out and leave your computer on and our Managed Software Center will take care of all the latest Apple and application software updates that we have already curated and tested for your business.
Managed Software Center will not upgrade your computer from one operating system to the next because this might introduce instabilities into your working environment. But it will apply all available security patches for the OS you have!
2) Use unique passwords
Here I am talking about your personal information and services/subscriptions. Don't use the same password for everything. That way if one account is hacked they can't use what they find to crack your other accounts.
i.e. make your bank password different from your PayPal password, different from your email password, different from your Facebook password.
3) Use Two factor authentication
Two factor ID can prove that it is really you. In the consumer world this means every time you try to log in (the first factor) to something your phone will get a text message with a code as the second factor. Your Apple ID is probably already two-factor ID (all new Apple IDs have to be this way). And you can set up your Google account, Twitter and Facebook for 2 factor ID too!
4) Use Strong passwords
What constitutes a strong password? Well it is not really just substituting numbers for letters:
Common cracking software can break through these pretty easily.
Apple has a nifty tool called Password Assistant that can help.
Avoid using the most common passwords:
Want a really strong password? Use a phrase with some special misspellings all your own.
5) Use a Password Manager.
Keep all these strong and unique passwords handy and usable by knowing only the password to your password manager.
Apple has iCloud Keychain which is easy to use between your Apple devices.
And if you want something even more powerful we highly recommend the Canadian solution from AgileBits: 1Password.
So with those first five suggestions are you safe?
The answer is NO.
The bad guys don't need to hack your Facebook account or put spyware on your Mac. These days their plan is to get you to do it for them!
So lets add a few rules:
6) Get your software from the true source.
Do NOT acquire software or media (films, music) from Software aggregators or bit-torrent sharing sites. These can be infected with malware, spyware and the lot!
Purchase your software, music, tv shows and movies from the developer and from licensed stores like the App Store and iTunes. Just last month MacUpdate a Mac software aggregator was distributing an infected version of FireFox!
Precursor Systems helps Support Plan customers get only approved software by using Managed Software Center for self-serve installations and updates of the vast majority of the software you need for your work.
7) Don't be tempted by apps that claim to clean/optimiza your Mac.
The macOS is self-optimizing and self-cleaning.
You do not need cleaners, or optimizers. These apps are TOTALLY unnecessary. Either they do more harm than good or worse, they put spyware on your Mac to try to steal your identity.
Precursor keeps these nasties off your Mac by making sure you are a standard user without admin install privileges. All software must therefor be installed either by Precursor or through the Managed Software Center which is populated with safe and tested software by Precursor.
8) Don't call 1-800 numbers that appear on the screen claiming to Apple or Microsoft support.
These splash page ads covering up your screen are common these days and they look mighty convincing.￼
But the fact is that no internet web page can "scan" your computer and detect a problem, an error code or a "virus".
It is only when you call the number, let them remote in to your computer and give them your credit card number that you have a problem. A BIG problem!
If yo use one of these, close the web page and if that doesn't work you may have to "Force Quit" your browser from the Apple Menu.
Lets face it; the only number you should be calling if you are a Precursor Support Plan customer is Precursor's!
9) Don't click on links in an email that go to something you need to log in to.
Phishing scams are getting increasingly more sophisticated and are designed to make you think you need to log in to your bank, your iTunes account, your PayPal, Facebook, etc.
But those links in the email you received are from bad guys and they go to "honey pots" that are designed to collect your login name and password for exploitation.
The only time you should be going to your bank, Facebook, PayPal etc should be through apps on your phone or your own bookmarks in your web browser.
Never ever through links provided in an email.
How can you verify they are spam. Usually by right-clicking / tapping on the email name and seeing that the address is really from firstname.lastname@example.org.
Shaw has a nice document discussing how to identity phishing scams:
||Copyright © 2014-19, Precursor.ca, Inc.||