• Skip to content
  • Skip to primary sidebar
  • Skip to footer

Foliovision

Main navigation

  • Weblog
    • FV Player
    • WordPress
    • Video of the Week
    • Case Studies
    • Business
  • About
    • Testimonials
    • Meet the Team
    • We Support
    • Careers
    • Contact
    • Pricing
  • Products
  • Support
    • FV Player Docs
    • Pro Support
  • Login
  • Basket is empty
Affordable VAST/VPAID for Wordpress has arrived. Serve ads with your videos starting today!

How to set up a Mac securely on OS X 10.11 Sierra (El Capitan)

14 September 2017 / Alec Kinnear / Leave a Comment

We’ve recently upgraded our computer stock with a bunch of new (old) Mac Pros. These are the last computers which Apple built which can be upgraded (storage, memory, GPU, CPU in order of complexity). So I’ve updated our guide on deploying new Macs. I’ve often been asked about our special sauce for securing Macs and deploying them quickly so I’ve publishing this as a starting point for others.

Despite the title stating that this covers how to set up a Mac securely on OS X, it hasn’t really been possible to secure a Mac since the App Store came into being (OS X 10.6.6 I believe). OS X 10.5.8 may be the last really secure full version of OS X ever created. Coincidentally Apple joined Prism in 2012.

Still one can make a good effort to make one’s computer far less chatty. If you really want to be secure, don’t use the app store at all and download your OS X updates. If you want to be a little bit secure, you have to avoid iCloud completely. Just ask the beautiful Jennifer Lawrence how iCloud turned out for her (I had no idea she was so sexy until those pics showed up). 

One major step which helps is to turn off all Sharing services (System Preferences:Sharing) and to turn on your Firewall. Of course this means you can’t do any home networking or intranet networking in the office. On the other hand, neither can any hackers. So if one machine goes down, the issue remains isolated. For the number of times we have to move a large file, it’s usually big enough these days that the fastest way to move it would be sneakerware. Otherwise most of our networking takes place on the cloud and in the SAAS applications we use. Just get rid of networking unless you really need it.

More seriously, there are five steps:

  1. Securing the Computer
  2. Checking Hardware
  3. Adding Text Expansion and Multiclipboard Utilities
  4. Install Basic Apps for Writing and Thinking
  5. Improve Aesthetics

Let’s start by:

Securing the Computer

  1. don’t plug in to internet
  2. chose a country (United Kingdom)
  3. refuse to share any info with Apple or log in to iCloud (to make sure you don’t get sucked in early)
  4. refuse location services
  5. restart
  6. still a German computer
    1. add a new language in Regions preferences
    2. some dialogues (restarting) still come in German after deleting German
  7. add Little Snitch 3 (preferably from USB key so you don’t have to go online before doing so)
  8. turn on and license Little Snitch
  9. connect to the internet
  10. keep saying no to everything
  11. when you need the App store (Blackmagic Disk Speed Test for instance), turn off Little Snitch briefly and then turn it back on
    1. better would be to create a custom profile for the App Store but that’s hard work
  12. Turn on System Preferences – Firewall (no incoming connections allowed). Advanced Prefences:
    1. Block all incoming connections
    2. turn off allow built-in software to receive incoming connections
    3. turn off Automatical allow downloaded signed software
  13. Turn off (in System Preferences:Spotlight) indexing of your search queries, i.e. Spotlight Suggestions and Allow Spotlight Suggestions in Look Up (screenshot)
  14. Follow MacRumors guide for Safari privacy including allowing cookies only from websites I visit and turn off location services and website tracking.
    1. turn off all Search suggestions and switch to DuckDuckGo if not Yandex. From DuckDuckGo, Google is always only a !g away
    2. Turn off autofill
  15. System Preferences:Energy Saver: turn off “Wake For Ethernet network access”
    1. set computer sleep for half hour or one hour
    2. set display sleep for 15 minutes
  16. Check System Preferences:iCloud to make sure you are not signed in
  17. Add mail account in System Preferences:Internet Accounts
  18. Turn off automatic updates in System Preferences:App Store.
  19. Make sure that in System Preferences:Sharing that nothing is allowed.
  20. Mare sure Siri is turned off.

Checking Hardware

  1. Check your SSD:
    1. install Disk Sensei
    2. check health and hours
    3. benchmark
    4. enable trim with terminal command (El Capitan and higher): sudo trimforce enable
    5. do manual trim if benchmark giving poor results
  2. Install Geekbench 4 and check your CPU.
  3. Install and configure iStat Menus on programmer level computers.

Foliovision Standard iStat Menus configuration for Mac Pro
Foliovision Standard iStat Menus configuration for Mac Pro

Adding Text Expansion and Multiclipboard Utilities

  1. add the following utilities:
    1. ClipMenu: install at bottom of this thread
      1. change preferences to:
        1. Inline 25
        2. 20 Per Folder
        3. 100 items
        4. Enabled on Startup
    2. Witch or alternatively change the keyboard shortcut for switching between application windows to option-tab
    3. Typinator: it’s great text expander. Add license. Note: one only needs to pay once and if one wants to renew updates after two years you can pay again. Every business needs text expansion. Shared team online text expansion would be great but I have to ask Ergonis to add it (outside of iCloud of course).
    4. Spectacle, default configuration is fine except when using some video editing or high end photo programs who might use some of the same shortcuts.
    5. optional: USB Overdrive or other click to scroll software
    6. LastPass for shared password management (we recommend offline edition of 1password for personal and banking password management).

Install Basic Apps for Writing and Thinking

  1. MacDown for free Markdown. If you are on the app store, iaWriter even more preferable.
  2. DaisyDisk for quick disk audits when your disk gets crowded
  3. Mindnode Pro for mind mapping.
  4. TextWrangler (or BBEdit if you have a license) for handling huge text documents or html or CSS
  5. Acorn 5 for basic image editing and screenshot prep
  6. I haven’t added SnapNDrag as one can do most screen capture with either built-in shortcuts or Acorn and we’re experimenting with other screen capture utilities. But if you do a lot of screen captures, SnapNDrag is really solid.

Aesthetics

  1. System Preferences
    1. General
      1. show scroll bars always
      2. change recent items to 30
    2. Dock
      1. turn off Animate Opening Applications
      2. make much smaller
      3. change menus to dark: “Use dark menu bar and dock”
    3. Turn off Stocks in Extensions
    4. Remove Date and Time from Menu Bar if you’ve added iStat Menus.
  2. Install BasicColor and calibrate with two week trial.
  3. Turn off system notications from noisy apps so you can work (application by application). Ideally just choose None and turn off play sound.

Not included in Basic Install

Apps not added yet include CSSEdit, photoapps like Iridient Developer, CaptureOne or video editing software like FCPX or Davinci Resolve. Or programing environments like SublimeText or Eclipse.

I have also not included complex software such macro programs like KeyboardMaestro which not everybody might like. Or even LaunchBar which I can’t live without (many people get by with the dock and spotlight).

VPN options are also not covered. Ideally people would just be using the PPTP built into Mac OS X (Witopia for instance).

Alec Kinnear

Alec Kinnear

Alec has been helping businesses succeed online since 2000. Alec is an SEM expert with a background in advertising, as a former Head of Television for Grey Moscow and Senior Television Producer for Bates, Saatchi and Saatchi Russia.

Categories: IT Tags: apple, el capitan, os x, security, sierra

Related Posts

  1. Setting Up Email Securely on cPanel servers: example WiredTree

    Setting Up Email Securely on cPanel servers: example WiredTree

  2. Foliopress Embedded Menus Pro

    Foliopress Embedded Menus Pro

  3. How to create a network backup with Apple’s TimeMachine

    How to create a network backup with Apple’s TimeMachine

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

You can click here to Subscribe without commenting

Primary Sidebar

Categories

  • Business
  • Camera Reviews
  • Case Studies
  • Design
  • FV Player
  • Internet Marketing
  • IT
  • Life
  • SEO
  • Slovak
  • Video of the Week
  • WordPress

Footer

Our Plugins

  • FV WordPress Flowplayer
  • FV Thoughtful Comments
  • FV Simpler SEO
  • FV Antispam
  • FV Gravatar Cache
  • FV Testimonials

Free Tools

  • Pandoc Online
  • Article spinner
  • WordPress Password Finder
  • Delete LinkedIn Account
  • Responsive Design Calculator
Foliovision logo
All materials © 2025 Foliovision s.r.o. | Panská 12 - 81101 Bratislava - Slovakia | info@foliovision.com
  • This Site Uses Cookies
  • Privacy Policy
  • Terms of Service
  • Site Map
  • Contact
  • Tel. ‭+421 2/5292 0086‬

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in .

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Necessary Cookies

Strictly Necessary Cookie allow you to log in and download your software or post to forums.

We use the WordPress login cookie and the session cookie.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Support Cookies

Foliovision.com uses self-hosted Rocket.chat and self-hosted Freescout support desk to provide support for FV Player users. These cookies allow our visitors to chat with us and/or submit support tickets.

We are delighted to recommend self-hosted Rocket.chat and especially Freescout to other privacy-conscious independent publishers who would prefer to self-host support.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

3rd Party Cookies

This website uses Google Analytics and Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

We reluctantly use Google Analytics as it helps us to test FV Player against popular Google Analytics features. Feel free to turn off these cookies if they make you feel uncomfortable.

Statcounter is an independent Irish stats service which we have been using since the beginning of recorded time, sixteen years ago.

Please enable Strictly Necessary Cookies first so that we can save your preferences!