I don't need Anti-Virus on my Mac...Right?
You don't need Anti-Virus on a Mac, right? RIGHT?
Wrong - on so many levels.
Since my article yesterday about protecting your stuff, a few people have asked me about Anti-Virus (AV) protection for their Apple Macs. The general assumption out there seems to be that you don't need AV protection on a Mac. I think this is wrong.
It's true there are far fewer malware and virus packages targeted at OSX - and because of this the probability of you getting hit by such a thing is far lower. But probability isn't protection, is it?
Apple themselves used to claim that the Mac 'doesn't get PC viruses' and told owners they could 'safeguard your data', 'by doing nothing'. They quietly dropped this claim in 2011/2012 following the outbreak of the Flashback Trojan on OSX.
So if you have a Mac, and you're not running any form of AV... you're protected by the lower volume of targeted malware out there, and that's it. You're playing the probability game.
The other thing to consider is that for some strange cultish reason people who like OSX/MacOS (to be clear, I'm a big, big fan) seem to think it's a fully secure operating system, and often compare it to Windows. Usually in a facetious 'lol Windows' sort of way.
Here's the thing though - MacOS mostly fares worse than Windows when it comes to hacking and security testing. Read that again - it's true. Didn't expect that, did you?
Time and time again OSX has come out badly on InfoSec & hacking tests.
So as I say - with no virus protection, you're playing the game of numbers rather than having any real protection.
The other element to consider is that of being a good net-citizen. What do I mean by this? Well, if you're not careful you could find yourself passing along virus & malware code that, while it couldn't infect your MacOS machine, could of course infect the Windows machine of someone you happen to send stuff to - via email for example.
So how do I protect my stuff...? From a scenario point of view I have a couple of MacOS laptops, and a main big spec iMac that is the centre of my digital life. Each one of those units also runs Windows in Parallels, i.e. virtualised. So how do I protect my environment?
As per the previous article, I start at the basic level and then work up to some more specific stuff that is probably more due to my paranoia than any great technical need - so let's work through them.
Don't do stupid
This is probably the core of all of your security really. Don't do daft things like download hooky software, or click on links in suspicious emails. That last one is an interesting one - when I get emails saying 'login to your account' for example, I never do it from the email links, I always go directly to the website myself.
There's also other core stuff to do, including:
Encrypting your hard disk (Encryption - it's for everyone)
Use a password manager (Why don't more people use password managers?)
Protecting Core MacOS/OSX
There are various anti-virus/malware products out there for OSX. There's a decent review of the products here at Tom's Guide:
Best Antivirus Software and Apps 2017
Personally, I use BitDefender. Quite pleased that my own assessment of products out there comes top of the list at Tom's Guide too! Anyways, it's a great product - works well and is not intrusive.
There are various other products out there - another common one is ClamXAV for example.
Protecting my Windows Machines
I run a number of Windows machines in Parallels. Windows comes with its own anti-virus built in - something called Windows Defender. I will say that Windows Defender never seems to fare very well in most testing scenarios. It is of course far better than nothing.
If your core OSX platform is protected by a good platform like BitDefender, it's arguable that Windows Defender would suffice in your Windows machines. Personally, I don't believe in 'average' security. You may have spotted this. So... in my Windows machines I use the AVG product. I only use the free one in Windows now rather than the subscription model, mainly as my core MacOS platforms are so well protected.
For most people, the above would be enough to provide you a decent level of protection. There are however additional things you can do. This is perhaps where I start moving into the area that's beyond most people's requirements. I work in IT, and am constantly on people's systems - so protecting me and them is absolutely critical to my day job.
So, some of the extra stuff I do.
LittleSnitch for OSX
While MacOS has a decent in-built firewall, it doesn't tell you an awful lot about what your machine is up to in terms of network connections. Who are you connecting to right now…? You probably have no idea. Anyways, this is where LittleSnitch steps in. You can read a bit more about it here:
Little Snitch keeps an eye on your Mac's Internet connections
It essentially allows you to view exactly what your Mac is connecting to.
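To get a rough answer to "who are you connecting to right now?" without extra software, the sketch below (an added example, not part of the original article and not how Little Snitch itself works) groups the output of `lsof -nP -iTCP -sTCP:ESTABLISHED` by process. The sample output is constructed, and the `expected_commands` allowlist is a hypothetical name introduced for illustration.

```python
import subprocess
from collections import defaultdict

# Constructed sample of `lsof -nP -iTCP -sTCP:ESTABLISHED` output (documentation addresses).
SAMPLE = """\
COMMAND  PID USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
Safari   512 alice  23u IPv4 0x1a01      0t0  TCP 192.0.2.20:52311->203.0.113.34:443 (ESTABLISHED)
Safari   512 alice  27u IPv4 0x1a02      0t0  TCP 192.0.2.20:52312->203.0.113.34:443 (ESTABLISHED)
Mail     640 alice  14u IPv4 0x1a03      0t0  TCP 192.0.2.20:52400->198.51.100.7:993 (ESTABLISHED)
updater  901 alice   9u IPv6 0x1a04      0t0  TCP [2001:db8::20]:52555->[2001:db8::1]:80 (ESTABLISHED)
"""

def live_lsof():
    """Established TCP connections; -n and -P keep hosts and ports numeric."""
    return subprocess.run(["lsof", "-nP", "-iTCP", "-sTCP:ESTABLISHED"],
                          capture_output=True, text=True, check=False).stdout

def remote_endpoints(lsof_text):
    """Map (command, pid) -> sorted unique list of (remote_host, remote_port)."""
    seen = defaultdict(set)
    for line in lsof_text.splitlines()[1:]:            # skip the header row
        fields = line.split()
        name = next((f for f in fields if "->" in f), None)
        if name is None or len(fields) < 2:
            continue                                   # no remote side, e.g. a listener
        host, _, port = name.split("->", 1)[1].rpartition(":")
        seen[(fields[0], int(fields[1]))].add((host.strip("[]"), int(port)))
    return {proc: sorted(eps) for proc, eps in seen.items()}

def unexpected(endpoints, expected_commands):
    """Commands with outbound connections that are not on the allowlist (an assumption)."""
    return sorted({cmd for cmd, _pid in endpoints if cmd not in expected_commands})

if __name__ == "__main__":
    try:
        text = live_lsof() or SAMPLE
    except FileNotFoundError:                          # lsof not installed: use the sample
        text = SAMPLE
    eps = remote_endpoints(text)
    for (cmd, pid), remotes in eps.items():
        print(f"{cmd} (pid {pid}): {remotes}")
    print("not on allowlist:", unexpected(eps, {"Safari", "Mail"}))
```

This is a point-in-time snapshot of TCP connections only; short-lived connections between runs will not show up.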
Using virtualisation it's pretty easy to build new machines - whether MacOS or Windows. In view of this, I have some sandboxed machines for each of the common OS environments I use. What's a sandbox? Well it's an isolated machine that you can use to test stuff on.
I have some MacOS and Windows Sandbox environments that I use for testing stuff in.
Protecting your environment is key to protecting your data. It's also part of being a good net-citizen really. Don't risk your stuff - and don't risk mine either.