The temptation to use your personal Mac to check work email, confirm a professional appointment, access an employer’s cloud-based app or draft a business document is difficult to resist. Despite the convenience, security risks arise when using your personal Mac for work; for instance, sensitive files and other business best kept private may be stored locally and then accessed by other users, apps and websites.
There are ways you can take to secure your Mac and protect your organization’s information. Before following these five tips, check with your employer to confirm employees are permitted to use their personal Macs — a practice often referred to as BYOD for Bring Your Own Device — for work.
1. Encrypt your Mac’s hard drive using FileVault
Because email messages, texts, documents, application data and other sensitive information can remain behind and prove recoverable even after deleting files, follow the best practice of encrypting your hard drive. Macs include a robust disk encryption technology called FileVault for this purpose.
The feature is easy to use and enable. When combined with a complex password, FileVault provides considerable protection against your company’s proprietary information being stolen from your Mac should you lose or misplace the computer.
To enable FileVault using macOS Ventura, open System Settings, click Privacy & Security and scroll down to FileVault. Then, click the Turn On button to enable Mac disk encryption. Once you enable FileVault and set a recovery key, the Privacy & Security pane will confirm the feature is enabled, and the key is set (Figure A).
Be sure to note the recovery option you select because, when a disk is encrypted using FileVault, you essentially cannot access the Mac if you forget the corresponding logon and recovery password. macOS offers two recovery options: You can use your iCloud account to unlock the Mac’s hard drive or create a recovery key.
2. Use a separate email app
Resist mixing personal and work email accounts within the same email app such as Apple Mail. It’s easy to use the wrong account or accidentally save work-related emails and their accompanying attachments within a personal mail folder. When such oversights occur, you inadvertently end up storing potentially sensitive business information within your personal email account.
Installing a separate email client on your Mac, and using that app exclusively for your work-related account and its corresponding email and calendaring information, helps ensure that business contacts, messages, attachments and appointment details remain separate and don’t accidentally get mixed within your personal email app and account. Fortunately, there are multiple capable email client software options in addition to Apple Mail, including Microsoft Outlook for Mac and Mozilla Thunderbird.
Cookies, cache data and other business information is often left behind on your Mac when accessing cloud-based applications such as Outlook Web Access, SharePoint portals, Gmail, Google Docs and other web platforms. Dedicating a web browser exclusively to work-related tasks helps prevent personal and business information from getting mixed together on your Mac.
Having all of your employer’s information stored within a single browser also makes it easier to ensure that information is removed from your Mac, if needed. In such cases, you could uninstall the browser and any of its data libraries.
Just as it’s wise to separate your personal and work-related email and browsing information, it’s a good practice to not mix personal and work files. When using your personal Mac for business tasks, ensure you don’t save business files within your personal iCloud account. Instead, use your company’s Microsoft 365 OneDrive account or a workplace-approved third-party cloud service, such as Box or ShareFile, to pass files securely between your Mac and workplace.
There’s another “gotcha” that can catch iCloud users by surprise. Depending upon your Mac’s configuration, you may be automatically synchronizing and saving files placed on your Mac Desktop and Documents folders to iCloud; if so, avoid placing work-related files within those locations.
You can quickly confirm whether your Mac is automatically backing up Desktop and Documents files to iCloud. Open System Settings, select your Apple ID, click iCloud then select iCloud Drive. If the Desktop & Documents Folders option is enabled, iCloud is backing up the contents of those directories to the cloud and maybe even syncing those files with your other Apple devices such as an iPhone or iPad. The grayed-out button shown in Figure B indicates the Desktop & Documents Folders aren’t being synchronized using iCloud.
Many Mac users save commonly used passwords within Keychain, which stores login credentials and can synchronize password information with all of the user’s iCloud-connected devices. Storing these passwords eliminates the need to remember a variety of complex logins for a seemingly ever-expanding number of apps, email accounts, cybersecurity tools, online services and other resources. Depending upon your Mac’s iCloud configuration, those passwords may be stored and synchronized in the cloud using Apple iCloud. Any time passwords are saved to a hard drive, though, your cybersecurity defenses are weakened. Whenever passwords are stored and synchronized to the cloud, which can happen with iCloud, these safeguards are further weakened due to the sheer expansion of active threat surfaces.
Hackers are increasingly adopting artificial intelligence and machine learning technologies to help them gain access to personal and business accounts and systems, so avoid saving sensitive passwords to Apple Keychain. And because it’s important to separate work-related data from personal information, never save passwords for your employer’s business systems on your Mac, either within browsers or using Apple Keychain.
You can confirm Keychain synchronization status by opening System Settings, clicking your Apple ID and selecting iCloud. The Passwords & Keychain iCloud status is displayed within the Apps Using iCloud window (Figure C).
Trade-offs require compromise
Trade-offs typically necessitate some compromise, and using your own device to assist fulfilling workplace responsibilities is no exception. If you’re going to enjoy the conveniences of using your personal Mac to perform business work, take these precautions to help prevent your organization’s business apps and information from falling into the wrong hands.