Security tips for Mac travelers

When you hit the road, it’s easy to get paranoid—especially if you’re carrying thousands of dollars’ worth of technology with you. You can alleviate some of your worries by taking security measures to protect yourself against someone running off with your iPhone, iPad, or MacBook.

Use common sense 

If you’re not used to toting a machine outside your usual rounds, don’t forget these precautions.

Don’t leave devices lying around: Don’t leave your laptop or other device on a table or counter at a coffee shop or other establishment and walk away or turn your back. Hardware is too easily snatched and too portable.

Don’t leave bags untended: Don’t walk away from a bag that holds your phone, tablet, or laptop. It’s simple for a thief to poke around without attracting notice, especially during the holidays when shops are busy.

Don’t use devices in unsafe locations: Don’t pull out that brand new iPhone or iPad device in an area where it can easily be snatched. This means both a dark, isolated street and densely-packed areas, like Times Square.

Don’t bother with laptop locks: At one point, we used to recommend using a locking cable with you laptop. But Apple has slimmed down the MacBook's design and eliminated  security slots.

Password protect your devices

What if a thief does get your device—is the trouble just beginning? It might be, if you haven’t bothered with basic methods for protecting your data.

Passcode lock your iPhone and iPad: Just because someone gets your phone or tablet, doesn’t necessarily mean he also gets unrestricted access to all your email messages, all your contacts, and—just for good measure—your Amazon.com account. Even if you don’t normally use a passcode or a screen or sleep lock, enable it before you travel. On iOS 4 and later, locking a phone or tablet prevents both access to the device and protects the data storage on it through encryption.

Password protect your MacBook: Do you really want to join the ranks of people who’ve compromised work data by leaving a laptop unattended and unprotected?


.
Requiring a password after sleep or a period of time can prevent someone from gaining access to your machine when you leave it unattended or if it’s stolen while sleeping.

Launch the Keychain Access utility (in your /Applications/Utilities folder), and then select Keychain Access > Preferences. Select the Show keychain status in menu bar option. Now, whenever you step away from your computer, you can choose the lock icon in the menu bar and pick Lock Screen. Make this process automatic by going to System Preferences and opening the Security & Privacy pane. Click the General tab and select the Require password option immediately after sleep or screen saver begins. You can adjust the time period using the drop-down menu here.

Encrypt for maximum protection

If you want to be sure that your computer’s data isn’t accessible to a more-than-casual snooper or to a thief who has all the time in the world, your best bet is full-disk encryption (FDE). FDE creates a strong encryption key, which it uses to encipher your entire hard drive. The key is held in memory while you’re in an active running session, and it is tossed whenever you shut down.

An FDE-protected system can only be backed up while it’s active. This prevents anyone (including governments and you) from recovering your data without a login account and password or an appropriate passcode.

Encrypt your drive with FileVault: Since Lion, Apple has provided built-in full-disk encryption through FileVault 2. You can’t recover a FileVault-protected disk’s data without an account and password. (See “Complete guide to FileVault 2 in Lion,” still applicable in Mountain Lion.) If you don’t like the configuration and options available from Apple, there’s also Sophos SafeGuard ().



Encrypt key drives and files: You can also encrypt external drives, virtual drives (disk images), and individual files using Mac OS X’s built-in Disk Utility and other free and paid tools. Apple added external disk encryption in the Finder in Mountain Lion, too. See “Encrypt any disk in Mountain Lion.”

Rely on built-in iOS encryption: Nearly all iOS devices have hardware encryption built in. When the passcode is active, data is unrecoverable unless a device is jailbroken or otherwise compromised. This protection is automatic, and is only absent from the original iPhone, iPhone 3G, and first two iPod touch generations. Hardware encryption also allows a quick “remote wipe."

Find a lost or stolen device

Even if your device is stolen or you simply mislay it in your travels, it’s possible to recover it if you’ve planned ahead. Theft-recovery software for mobile and desktop operating systems can track a device so long as it’s on a network. You might recall the recent story about ABC News purposely leaving an iPad at an airport security checkpoint, then using software to locate it at the house of a TSA employee? That’s not so unusual.

With a location in hand, police are often more willing to visit a home or business, as they frequently find where one device is located, other stolen gear is found. But many thieves are now too clever for such software, and prevent devices from joining a Wi-Fi network or even wrap hardware in aluminum foil to keep it off a cellular network.

iCloud.com lets you see where devices are, whether Macs or iOS hardware, so long as Find My Mac or Find My iPhone is turned on for each bit of gear.

Track it down with iCloud and Find My Mac: The built-in option for Mac OS X and iOS is Apple’s Find My Mac and Find My iPhone (which works for all iOS devices). This is activated in Lion and Mountain via the iCloud preference pane, and requires Wi-Fi to be enabled to provide tracking information. In iOS, the Settings > iCloud view has a Find My iPhone switch. You can find the current location of devices (Macs and iOS gear) associated with an Apple ID by logging in to iCloud.com with that ID or using the Find My iPhone app (which includes Macs in what it finds).

Find My iPhone/Mac can both lock a device remotely or wipe it clean. Apple goes so far as to allow a Good Samaritan to dial a number you've sent through Find My iPhone even when all other calls on the iPhone are disabled.

GadgetTrak poses as a benign program in order to tempt thieves to launch it. If the app activates when tracking is on, it will snap a picture.

Use third-party software: Several third-party packages keep a constant low-level account of where a device is located. Others wait for a remote network trigger, checking in at regular intervals, that a device is stolen before they activate tracking. Some of them let you file a police report, see what a thief is typing, or even use your camera to snap a photo or video of the thief. Options include Gadget Track for Mac OS X ($20) and the iPad, iPhone, and iPod ($4); Absolute Software's Lojack for Laptops ($40 for 1-year subscription); and Orbicule's Undercover for Mac ($49) and Undercover iPhone/iPad ($5).

In all cases, the software has to be installed before a device is stolen, and typically registered and activated. You also want to run a test to make sure it can be located while still in your clutches.

Always be prepared

It’s always hard to deal with the loss of an electronic device that contains personal and business data. By taking measures to secure your systems before you hit the road, you can defeat thieves before they get started, while helping Good Samaritans bring your precious hardware back to you.

Subscribe to the Apple @ Work Newsletter

Comments