Your Mac’s default settings may be violating your company’s security policy.
Macs comes with a built-in firewall tool that you can use to reduce the number of points open to attack by malicious actors. But the firewall has to be turned on by the user — by default, the firewall is set to off.
A firewall scans incoming network traffic. This tool gives you the ability to allow or deny connections to your Mac. Having a tool like this is another line of defense that is crucial for preventing attacks that occur primarily in the background. For example, accidentally clicking on a bad link can be averted by the firewall preventing that connection from occurring.
Also having a firewall may be part of your company’s security policy. If so they should have a dedicated plan for onboarding employees that includes training for securing their devices.
Given the current state of work, we are seeing more employees in a work from home situation making them all the more vulnerable to attack.
For more options click the ”Firewall Options” button.
Firewall options include:
Checkbox, “automatically allow built-in software to receive incoming connections“.
Checkbox, “automatically allow downloaded signed software’ to receive incoming connections“.
Checkbox, “enable stealth mode (which means the Mac won’t respond to or acknowledge attempts to access this computer from the network by test applications using ICMP, such as Ping)”.
Use the plus and minus buttons to add and remove applications from the firewall. When added, you can either allow or block traffic to them.
A firewall policy defines how your company’s firewalls should handle inbound and outbound network traffic. Your firewall information security policy or procedures may need to specify IP addresses or address ranges, protocols, applications, and content types.
To determine what you should include in your firewall policy, you should conduct a risk assessment to develop a list of the types of traffic your company needs and how those should be secured. That including which types of traffic can cross a firewall, under what circumstances.
If you need to comply with an information security framework, you will want to reference their documentation, such as the NIST guidelines on firewall policies.
Companies may also determine that all inbound and outbound traffic that isn’t expressly permitted by their firewall policy should be blocked. That traffic is not necessary for the company.
Simple steps like enabling firewalls can reduce the risk of a cyber attack.
Does your company have a firewall policy and provide instructions for macOS users to enable it?