You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

iMac security and privacy

What should I activate to maximise security and privacy on my iMac.


Currently, FileVault is off as the warning makes me anxious !


Firewall is on, and the only options checked are:

'Automatically allow built-in software to receive incoming connections' and

'Automatically allow download signed software to receive incoming connections . . allows software signed by a valid certificate authority to provide services accessed from the network' (whatever all that means)


None of the 'Advanced' options are checked.


In Privacy, the only checked items are 'Siri and Dictation', 'Maps, and 'Safari'. In 'System Services . . Details', all boxes are checked except for 'Show location icon in menu bar when System Services request your location'.


Any advice very welcome.

Posted on Aug 16, 2019 6:20 AM

Reply
Question marked as Top-ranking reply

Posted on Aug 18, 2019 6:17 AM

TimeMachine is designed to be as foolproof as possible. It backs up the entire internal hard drive unless you open its preferences and tell it to ignore specific folders. It can even back up any external hard drive that’s connected. If you have 2 external drives connected (1 being the TM drive) just open TM preferences and make sure the 2nd drive isn’t listed in the omit list. (Also make sure your TM drive is large enough. My rule of thumb is to add up the size of all the files I’m backing up, add a bit more to account for growth over the next 18 months, and then at least double it. That’s the smallest drive you should buy for your TM backup.


There’s no reason to worry about the drive being in use when you put the computer to sleep. The Mac OS is robust enough to deal with that occurrence - one that happens much more often than you might expect. Similarly TM is usually able to pick up right where it left off if you put the computer to sleep. Every once in a while TM will get confused and you might realize that a backup is stalled. IF this happens just open TM preferences and turn it off. Open the TM drive, open the backups.backupdb folder, open the folder inside that represents your computer and sort the list of backups by date. You’ll see a file called inprogress - delete it, empty the trash, turn TM back on, and manually initiate a backup from the TM menubar item. That should do it. To give you an idea of how robust TM is, one of my desktop TM drives has backups going back to 2012 when I purchased my new iMac.


TimeMachine is a file based backup system so in most bases if you have deleted or fouled up a file and you want to retrieve an older version from TM, you enter TimeMachine, navigate to the folder where the file is located (or in some cases you might select an entire folder if you deleted an important folder), tell TM to restore it and then select the location to copy the file/folder to. In a few instances though TM works a bit differently. Photos, for example, by default keeps a monolithic package of all your photos and edits. If you need to retrieve a photo you can’t really use TM to find just that photo. You retrieve the entire Photos library. (Yeah, not optimal but there are some good reasons for this.) Mail is another program where the usual way doesn’t work. For Mail you open TM in the Mail program and then look back in time at the Mail database.


I don’t consider cloud based backups to be a good idea. Forget the possibility of the company going bankrupt or being breached. Unless you live where fiberoptic allows for hard drive like Internet speeds, retrieving lots of data from a cloud backup is just too slow. On good days I can download about 4GB an hour. My desktop internal drive has about 115GB of data. About 380GB of data and applications. I don’t have that long to wait for my computer to be ready.


To recap: Keep your TM drive plugged in all the time. Don’t overthink it. Bad things happen, that’s why you back up and want to do it frequently. Backups do go bad that’s why you want more than one. But it is possible to overthink it. Knock on wood, since that first disaster back around 1990 I’ve experienced many drive failures of various types. I’ve lost some time as a result but I’ve lost no data.

Similar questions

14 replies
Question marked as Top-ranking reply

Aug 18, 2019 6:17 AM in response to ringnib

TimeMachine is designed to be as foolproof as possible. It backs up the entire internal hard drive unless you open its preferences and tell it to ignore specific folders. It can even back up any external hard drive that’s connected. If you have 2 external drives connected (1 being the TM drive) just open TM preferences and make sure the 2nd drive isn’t listed in the omit list. (Also make sure your TM drive is large enough. My rule of thumb is to add up the size of all the files I’m backing up, add a bit more to account for growth over the next 18 months, and then at least double it. That’s the smallest drive you should buy for your TM backup.


There’s no reason to worry about the drive being in use when you put the computer to sleep. The Mac OS is robust enough to deal with that occurrence - one that happens much more often than you might expect. Similarly TM is usually able to pick up right where it left off if you put the computer to sleep. Every once in a while TM will get confused and you might realize that a backup is stalled. IF this happens just open TM preferences and turn it off. Open the TM drive, open the backups.backupdb folder, open the folder inside that represents your computer and sort the list of backups by date. You’ll see a file called inprogress - delete it, empty the trash, turn TM back on, and manually initiate a backup from the TM menubar item. That should do it. To give you an idea of how robust TM is, one of my desktop TM drives has backups going back to 2012 when I purchased my new iMac.


TimeMachine is a file based backup system so in most bases if you have deleted or fouled up a file and you want to retrieve an older version from TM, you enter TimeMachine, navigate to the folder where the file is located (or in some cases you might select an entire folder if you deleted an important folder), tell TM to restore it and then select the location to copy the file/folder to. In a few instances though TM works a bit differently. Photos, for example, by default keeps a monolithic package of all your photos and edits. If you need to retrieve a photo you can’t really use TM to find just that photo. You retrieve the entire Photos library. (Yeah, not optimal but there are some good reasons for this.) Mail is another program where the usual way doesn’t work. For Mail you open TM in the Mail program and then look back in time at the Mail database.


I don’t consider cloud based backups to be a good idea. Forget the possibility of the company going bankrupt or being breached. Unless you live where fiberoptic allows for hard drive like Internet speeds, retrieving lots of data from a cloud backup is just too slow. On good days I can download about 4GB an hour. My desktop internal drive has about 115GB of data. About 380GB of data and applications. I don’t have that long to wait for my computer to be ready.


To recap: Keep your TM drive plugged in all the time. Don’t overthink it. Bad things happen, that’s why you back up and want to do it frequently. Backups do go bad that’s why you want more than one. But it is possible to overthink it. Knock on wood, since that first disaster back around 1990 I’ve experienced many drive failures of various types. I’ve lost some time as a result but I’ve lost no data.

Aug 16, 2019 7:11 AM in response to ringnib

FileVault is handy if you have a notebook or if you are using the computer in a location that isn't protected - an office or a dorm room. If it is in your home and you aren't worried about people in the house snooping you probably are ok to not use it. Still, if you had a nosy guest or someone stole the computer, what sensitive information might they glean? I've personally experienced no disasters with FileVault but I do have multiple backups should disaster occur. If you are interested in my multi-layered back system I'll be glad to share it.

Aug 17, 2019 11:39 AM in response to ringnib

Most experienced users create redundant backups because backups can fail too. I've seen it myself when my internal drive crashed and when I went to restore the only backup I had crashed while I was unaware. This happened many years ago now and but it cost me a lot in terms of lost irreplaceable data such as photos.


What many users do is they use Time Machine on one external HD and then on a totally separate External Hard Disk they use a bootable clone app such as SuperDuper! or Carbon Copy Cloner. Both do the same thing and one is not "better" than the other. They both cost less than $50 and are invaluable. What a bootable clone does is it creates a clone of your internal drive, so if the internal drive goes down, you can boot from the clone. This is something Time Machine cannot do. I have my SuperDuper! software setup to only backup changed files at about 2:30 a.m. daily. I have Time Machine set to run normally.


As a matter of added precaution I check both backups about 1x a months (takes less than 5 minutes) to verify each backup is working okay.


This extra added level of backup ensures my data stays secure and gives me peace of mind in the event my computer goes down, if it does I have backup I can rely on to restore when it's time.

Aug 17, 2019 11:59 AM in response to ringnib

TimeMachine is a convenient start it and forget about it backup system, especially for desktops (because the TM drive is always plugged in) but when your drive dies or gets corrupted TM takes time to get your computer back on task. If you just don’t have time to wait for TM to restore your drive, having a clone is a life saver. You can immediately boot with the clone (which may be a bit out of date, or not) and get right back to work. You can restore later. But that clone backup isn’t a backup if you boot with it, it is your primary and what if it dies? And what if all your backups are destroyed in a fire or the crook who steals your computer takes the drives too?


My scheme uses multiple TimeMachine drives. One drive is plugged in all week and in use while the other is locked in my desk at work. On Friday I take the home drive into work and at the end of the day take the work drive home. Repeat and rinse 😀. Worst case I have a TM drive at work that is at worst, one week old. I use CarbonCopyCloner to clone my boot drive to two different drives every evening. There are many cloning applications, one reason I like CCC is that it has a safety net feature which saves the changes so the clone is exactly the same as the boot drive but documents that were deleted or edited since the last cloned backup are saved in a Safety Net folder so if I need to go back to a previous document and TimeMachine can’t do it, the clone should be able to.


This may sound stupidly redundant but some years ago I had a client go bankrupt because the building his business was in burned down. His computer, his backups, and his paper copies were all destroyed. I personally experienced a catastrophic failure when a lightning strike took out my computer and my backup turned out to be garbage. Thankfully at that point it was merely an inconvenience. Today with tax records, 10+ years of digital photos and movies, and my entire music collection digitally recorded, it would be more that inconvenience.


Besides TimeMachine and CarbonCopyCloner I use one of these docks. Note, I’m not advocating this specific product. But a high quality dock is convenient, it makes swapping the TM drives on Friday a snap and using it as I’ve described only requires a one drive dock but I actually do use both bays of mine, one back for TM and the second for a clone.

Aug 18, 2019 5:24 AM in response to dwb

Thanks for your excellent advice. I only have a home desktop, so my safety requirements are less complicated than yours, but everything you say is entirely relevant. Cloning the boot drive is something I hadn't considered, but will now follow up on.


Can I ask your opinion of external HD backup schedules. I basically plug an external HD in and let it do a straightforward general backup, which seems to be the complete internal drive; or maybe I'm wrong from what you say.


I recently absent-mindedly put my desktop to sleep while a backup was in progress. Something I have been told can corrupt the drive, and have been prone to doing in the past.


Firstly, in such an instance should I erase the external HD through Disk Utility and do a complete new backup.


Secondly, how can I check an external HD is fully backed-up and healthy. When I enter an HD through TM, I can’t open Music and Photo albums. All it will show is the volume of the folders. If I enter it through the drive icon on the desktop, and burrow through to Pictures and click on it, the Photos App is activated in the Dock and I can view my photos; but I don't know if I am seeing what is backed-up on the external HD, rather than just my Photos on the internal drive.


Thirdly, why doesn’t Apple prevent accidental computer shut-downs by not allowing ‘Sleep’ or ‘Shutdown’ to take place if a backup is in progress.


You didn’t mention the Cloud as a secure way of backing-up the internal drive. I have concerns about the security of using it.


As a consequence of the above, I don’t have my external HDs permanently connected, and don’t do frequent or regular backups, but only generally when I get a ‘No backups for x days’ message, and I select ‘Energy Saver’ never to put the desktop Display or Computer to sleep before I connect each in turn and do a backup.


Not ideal or sensible I know, but it is the only way I can be confident of doing an uniterrupted backup.


I have three external HDs. The oldest is the size and weight of a brick, and the most recent the size of a credit card wallet. I don’t know which, if any or all, are reliably backed-up and fully functioning, or 'turn out to be garbage', as happened to you.




Aug 18, 2019 5:37 AM in response to rkaufmann87

Thanks for your excellent advice. Using a bootable clone app is something I hadn't considered, but will now follow up on.


What backup schedule do you follow with your external HDs, and would you use iCloud to backup your internal drive.


I recently absent-mindedly put my desktop to sleep while a backup was in progress. Something I have been told can corrupt the drive, and have been prone to doing in the past. Should I erase the external HD through Disk Utility and do a complete new backup.


How can I check an external HD is fully backed-up and healthy. When I enter an HD through TM, I can’t open Music and Photo albums. All it will show is the volume of the folders. If I enter it through the drive icon on the desktop, and burrow through to Pictures and click on it, the Photos App is activated in the Dock and I can view my photos; but I don't know if I am seeing what is backed-up on the external HD, rather than just my Photos on the internal drive.


I wonder why Apple doesn't prevent accidental computer sleep or shut-downs by not allowing them to take place if a backup is in progress.


As a consequence of the above, I don’t have my external HDs permanently connected, and don’t do frequent or regular backups, but only generally when I get a ‘No backups for x days’ message, and I select ‘Energy Saver’ never to put the desktop Display or Computer to sleep before I connect each in turn and do a backup.


Not ideal or sensible I know, but it is the only way I can be confident of doing an uniterrupted backup.


I have three external HDs. The oldest is the size and weight of a brick, and the most recent the size of a credit card wallet. I don’t know which, if any or all, are reliably backed-up and fully functioning.


Your feedback would be welcome.


Sep 29, 2019 8:25 AM in response to dwb

I'm getting round to following your excellent advice about using external HDs but, if you have time, could you clarify the following :


Re 'Keep your TM drive plugged in all the time', if I turn my Desktop Mac off at night are there any protocols or precautions I should consider prior to that with regards to the connected HDs, such as waiting for backups to complete or dismounting the HDs in Finder first


Thanks in anticipation.





iMac security and privacy

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.