You are here: Home / Contracts / Security Plans / How to Secure a Macintosh Connected to a Network

How to Secure a Macintosh Connected to a Network

A network is two or more computers and/or network devices (e.g., printer, switch, hub, router) connected to the Internet or a LAN. Because the computer is connected to the Internet or to a local or wide area network, the emphasis for securing this computer is placed on physical security of the computer, controlling access to the data, and protecting the data from unauthorized access across the wire.

Physical Security of a Macintosh on a Network

  1. Configure the Macintosh to boot from the hard drive only. Do not allow the Macintosh to be booted from the diskette or CD-ROM drive.
  2. Secure the Macintosh on which the Add Health data resides in a locked room, or secure the computer to a table with a lock and cable.

Controlling Access to the Data

  1. Turn off the auto-login feature and require individual userids for anyone using the system.
  2. Restrict access to the Add Health data to project personnel using the security features available via the operating system (e.g., login via userid/password and ACLs permissions).
  3. Require strong passwords.
  4. Password protect screen saver and activate after three minutes of inactivity.

Protecting the Data from Unauthorized Access Across the Wire

  1. Avoid using the root account. Use the sudo command instead.
  2. Leave all unneeded services turned off, especially File and Web sharing, remote logins, and ftp sessions.
  3. Maintain all OS and application security patches.
  4. Install antivirus software and keep the virus definition files updated.
  5. Disable any scripting capabilites in your email client (e.g., Visual Basic Script or Javascript).
  6. Enable auditing.
  7. Use a corporate, hardware, or personal (software) firewall (e.g., the Macintosh comes with a built-in firewall, ipfirewall).

Sensitive Data Security Plan Form