Device Security

    Lock Down macOS: Gatekeeper, Firewall, FileVault & Updates

    The five settings every Mac user should turn on after a clean-up to stop the next infection.

    6 min read · Beginner friendly

    After cleaning up an infection, lock the door behind you. These five free settings stop the vast majority of Mac threats — including infostealers, adware, and ransomware.

    1. Re-enable Gatekeeper

    1. System SettingsPrivacy & Security
    2. Set Allow applications downloaded from to App Store and identified developers

    2. Turn on FileVault

    1. System SettingsPrivacy & SecurityFileVaultTurn On
    2. Save the recovery key in a password manager — never on the Mac itself

    FileVault makes your Mac's drive useless to a thief and protects you against several malware classes that try to read files when the disk is unlocked.

    3. Turn on the Firewall

    1. System SettingsNetworkFirewallOn
    2. Click Options and enable Stealth Mode

    4. Enable automatic updates

    1. System SettingsGeneralSoftware UpdateAutomatic updates
    2. Turn on every option, especially Install Security Responses and system files

    5. Audit Privacy & Security permissions

    • Revoke camera, microphone, screen recording and full disk access from anything you do not recognise
    • Remove all Configuration Profiles unless you work for a company that manages your Mac
    • Turn on Find My Mac in Apple ID settings

    More from Device Security

    No image

    How to Block Scam Calls and Filter Spam SMS on Android

    How to Block Scam Calls and Filter Spam SMS on Android
    No image

    How to Detect Spyware or Stalkerware on an iPhone

    How to Detect Spyware or Stalkerware on an iPhone
    No image

    How to Stop Apps Spying Through Your iPhone Camera and Microphone

    How to Stop Apps Spying Through Your iPhone Camera and Microphone