Mac users have always been able to be quite smug about the very low level virus/malware threat faced by OS X. Since "Flashback", it's all changed...
Contact firstname.lastname@example.org for more details
Summary of how to keep your Mac secure
- Keep your operating system as up-to-date as is practical for the hardware you have. Support for legacy systems is discussed below
- Always install the offerings from all software updating mechanisms ("Software update", the Mac App store and individual program updates)
- Always use Anti Virus software
- Always have good passwords
Keeping your Operating System up-to-date
At the time of writing, Apple are releasing a major revision of Mac OS X every year. Their policy is to support the current OS (at this time OS 10.7), the previous one (10.6) but the one before (10.5) is left unsupported in terms of security updates etc.
This means that running Mac OS 10.5 ("Leopard") is now deemed risky.
If your Mac is Intel-based, you should be running a minimum of OS 10.6
If you have a PPC-based Mac, some difficult decisions need to be made:
- Perhaps it can be retired and replaced by a faster and more secure Intel Mac
- If you need PPC to run certain software, connect to certain hardware or run "Classic" pre-OS X Mac programs, talk to Julian as lots of options exist for back-compatibility, even on brand-new Macs running OS 10.7
- If a certain Machine's role is non-negotiable, it could be made as secure as possible before stripping it of web browsers and e-mail clients (the most common security attack vectors)
- Turn off "Java" on any pre-OS 10.6 Mac. One particularly sticky issue is that TSM Backup requires Java to function, so no Java unfortunately means no backup. Other system frameworks may need to be turned off in future developments
OS X's "Software Update" (in the Apple menu), the Mac App store and often individual programs themselves will often "nag" you to download an update.
Please don't ignore these systems, they are trying to keep you safe.
If your Mac is being left in a non-updated state because of a forgotten admin password, please get in touch with Julian, as he'll be able to overcome this :o)
The University gives you Sophos Anti-Virus for free, which you can download and install yourself via:
This will need to be reinstalled manually once a year due to licensing restrictions. This limitation can be overcome for fixed Departmental machines. Please get in touch with IT support who can install this special version for you.
Alternatively, Sophos give away a free (at time of writing) consumer version which is essentially the same and will always keep itself updated, barring a change to the operating system which leaves it "broken":
Either version of Sophos will display a shield icon in your Mac's menu bar. If this shield gains a cross in front of it, Sophos isn't updating. This could be due to no network connection but if you're connected and Sophos still can't update please get in touch with IT.
We have a downloadable script to set up your screen locking preferences to lock your screen as soon as you invoke the screen sleep shortcut shift-ctrl-eject or whenever your screensaver activates
Options for this page: