6 Comments

Summary:

With iCloud breaking down the data barriers between OS X and iOS, you need to think about security on every Apple device you use. These tips will help you manage your personal data and who has access to it.

Apple Data Everywhere

Taking control of the security of your data and retaining privacy in today’s connected age is not an easy task. Thinking about this in its simplest form, there are two scenarios you need to consider when it comes to your personal devices: how things like apps and data get on and off your devices. For every app you allow can potentially access and send data off of your device.

With Apple’s iCloud breaking down the data barriers between OS X and iOS, you need to think about security on every device in your Apple ecosystem. The following 10 tips will help you manage not only how your information flows to and from your phone, tablet or computer, but also who has access to it.

1. Only install Apps from the App Store
While your iOS devices cannot install apps from any place other than the App Store, your Mac can. Apple developed Gatekeeper for OS X Lion and Mountain Lion to help protect your Mac from malware and misbehaving apps downloaded from the web. The default setting is to only allow applications from the Mac App Store to be installed on your Mac, or apps from identified developers. You can modify this setting in the System Preferences on the General Tab for Security and Privacy.

Only Install Apps from the App Store

This may sound to restrictive at first, but you can individually override this setting for specific apps you trust by first Control-clicking on the app and choosing Open from the menu that appears. A dialog box will display that will allow you indicate your trust in the developer and allow the app to run.

2. Review iOS and OS X privacy settings
Once an app is installed, you should review what information the app wants to access. With iOS 6 and OS X Mountain Lion, you can review which apps from the App Store have requested and been given access to all sorts of data on your device, including location, calendars, reminders, photos and even your contacts.

Review OS X Privacy Settings

In iOS the setting is located under Privacy within the Settings app; on OS X it is located on the Privacy tab within the Security and Privacy settings of the Systems Preferences app. If you see an app accessing information you don’t want it to, just revoke its access. Keep in mind that only apps from Apple’s app stores have to abide by these rules, OS X apps downloaded from other sources do not.

Review iOS Privacy Settings

3. Stop sharing Photo Streams with everyone
What you won’t see in the privacy settings are any of Apple’s apps like iPhoto and Aperture. By design they have access to your photos. And these photos can be shared with your friends and family using iCloud’s Shared Photo Streams feature. While you may have wanted to share an event with someone at one point, you may no longer want to share more recent events with that person.

Stop Sharing Photo Streams with Everyone

The easiest way to review everyone with access to your shared Photo Streams is to access Photo Stream from the Photos app on iOS. Choose the Photo Stream tab and tap edit. Select the stream you want to review and you will see a list of who has access to the stream. You can even turn off the public website for each stream on this screen.

4. Find and wipe clean all of your lost data
Find My iPhone is a service that allows your iCloud account to access your current location. This is a great service to enable since it can also be used to remotely wipe your device if it gets lost or stolen.

Find and Wipe Clean all Your Lost Data

You enable this service from within the iCloud settings on both iOS and OS X. There is a native iOS app that you can use to find and erase your devices, or you can optionally use iCloud’s web interface with Safari on the Mac.

5. Find My Friends means friends can find you too
By turning on Find My iPhone, you have also enabled the popular Find My Friends app to locate you. This service allows your friends to see the location of your primary device.

Find My Friends Can Find You Too

If you no longer want your location to be announced over Find My Friends, you can “Hide from Followers” by tapping on the “Me” settings within the app. This is also where you can remove followers from your friends list.

6. Passcode Lock on, Simple Passcode off
You can use a passcode to prevent anyone from accessing your iOS device. This will also make it harder for the device to be wiped clean, and will allow you to find the device the next time it connects to the internet. Turn on the passcode feature from within the General Settings of the Settings app on iOS. Be sure to turn Simple Pass Codes off so you can use a longer, harder-to-guess passcode.

Passcode Lock On, Simple Passcode Off

Once set, you will notice that when you connect your iOS device to a Mac for the first time, you will need to enter the passcode in order to access any of the information on that device, including your photos. However, after that initial handshake is established, all of the information on the device is then accessible by that Mac every time it is connected. So be sure to be just as diligent with your Mac security as well.

7. Log on to your Mac with your ID and a password
Do not enable automatic login on your Mac. This setting is located in the Login Options on the User and Groups settings of the System Preferences app on OS X. This will require all users to first log on to the device.

Logon to your Mac with your ID and a Password

Showing a list of user accounts when someone accesses your Mac is giving away half of the combination to unlock your Mac. Instead, you should display your login window as a simple name and password. That way they need to know both your user ID and your Password. This too is configured on the Login Options for the User and Groups settings.

8. Encrypt iOS device backups on your Mac
Local backups of your iOS device should be encrypted. There are plenty of apps like Backup Extractor that can open and access a device’s backup data. The “Encrypt local backup” checkbox is located right next to the “Back Up Now” button in iTunes for each device.  You will be asked to create a password the first time you set this up.

Encrypt iOS Device Backups on your Mac

You can also delete previous backups that were not encrypted by accessing iTunes Preferences and clicking on Devices. Here you will see all of the backups stored on your Mac — even those from older devices you no longer own or use.

9. Turn on FileVault for your Macintosh HD
FileVault is a great utility to keep all of your data stored on your Mac’s hard drive encrypted.  It uses full disk, XTS-AES 128 encryption to help keep your data secure.  You can turn on FileVault from the Security and Privacy settings in System Preferences on OS X.  Once all user accounts have been set up to unlock FileVault, you will be presented with a key that can be used to unlock your hard drive.

Turn on FireVault for your Macintosh HD

Do not forget or lose this key, if you do, you may never again be able to access the files stored on your Mac.  There is an option to allow Apple to keep track of this key.  If you decide to take advantage of this service, you will be required to provide answers to a series of three security questions.

10. Setup a firmware password on your Mac
All Macs come shipped with a quick and easy way to change the password of every user account on the device in order to recover from a forgotten password. All you need to do is hold down the option key after you turn on the Mac, and boot to the recovery partition that now comes with every new Mac.

Reset Password on your Mac

Once started, access the Terminal from the utilities menu and type “resetpassword” on the command line. This will bring up the password reset utility that will allow you to change any password of any user account on the device.

Setup a Firmware Password on your Mac

The only way to prevent this from happening is to set up a firmware password on your Mac. This will require anyone that tries to boot to the recovery drive, or any drive other than the default boot drive, to enter a password first.  You can create a firmware password by using the Firmware Password Utility also on the recovery partition.

Once you are connect to the internet, everything between you and the person you are communicating with or the online service you are using, is not within your control.  These tips only outline what you can do for the pieces and parts of the equation that you do have control over when it comes to your information privacy.

  1. How bout some tips to secure our privacy from GigaOm? Have ya’ll read their sickening privacy policy? They take and sell everything they can from you and say they can do whatever the hell they want with it. This is why I almost never use this site any more.

    Share
    1. I actually think this was a pretty good and informative article, aside from forgivable mistakes. There’s definitely some elements of OSX security that I wasn’t aware of, so thank you to the writer.

      To Peter Miller, if you don’t like the privacy policy (which isn’t much different than any other tech-savvy company who monitors their web traffic) you don’t have to come to the website.

      Share
    2. really , So can i share my info on this website, is this website secure, but this article is really good

      Share
  2. Really……FileVault not Firevault ….c’mon man

    Share
    1. You are correct. I am not sure exactly how this got past me, as the original document I wrote up in ByWord is correct. I can only assume that it is something that WordPress corrected and I did not notice when reviewing. My mistake.

      Share
  3. Humm …

    Truecrypt your SSD

    Share

Comments have been disabled for this post