Is an anti-virus still necessary in this day and age? Macs have long had the reputation of being more “secure” than Windows computers, with users believing that Apple devices are impenetrable to cybercriminals and viruses.
This misconception – paired with Apple’s marketing boasting that macOS is “the most secure consumer operating system” – may lull users into a false sense of security.
So, are you at risk? Let’s first examine some of the factors that surround security on Macs and macOS. I’ll also walk you through how you can be best protected on your Mac, because these days our entire lives are on our computers!
Are Macs and Apple devices more secure?
There are 2 main parts to this question. Firstly – Apple’s market share is less than that of Windows, so naturally Mac devices face reduced risk. Secondly, Apple’s operating system – macOS – is designed in a different way, making it inherently more secure than other popular operating systems.
Lower Market Share = Less risk
One possible explanation for a higher perceived security in Mac devices lies purely in the numbers.
It’s no secret that Windows has long dominated the personal computer market (which includes laptops and desktop computers) – holding an impressive 75% market share in September 2021, while macOS holds a comparatively tiny 15.9% market share.
Cyber-criminals, looking for the best use of their time and resources, therefore tend to spend more time looking for bugs and exploits in Windows than in macOS, which translates into less focus on macOS. With many businesses also relying on older, more vulnerable versions of Windows on their systems, targeting enterprise or business Windows devices is simply more profitable.
However, as Macs have become more popular, they’re taking back some market share from Windows both in enterprise situations and in the home. macOS’s popularity has sky-rocketed from 3.6% in January 2009 to almost 16% in September 2021. This can often be attributed to the sleek design of Macs, and the “Apple Magic” that is macOS’s ease of use.
The lack of broader ongoing malware threats on macOS can also be quite appealing for interested buyers. This ever-growing, less cautious and less informed user base has the potential to make macOS a high-value target for cyber-criminals.
macOS is just ‘built different’
macOS is a fundamentally different operating system that runs basic tasks in different ways from Windows, for example.
macOS is also built upon the Unix kernel, which incidentally is also used by the Linux operating system.
Unix was designed initially as a powerful multi-user operating system, with a tight leash on privileged processes (i.e. applications with more permissions, similar to administrator permissions on Windows).
macOS is a custom version of Unix with a custom desktop, and it is firmly closed source, making it even more locked down than Unix (which, by design, is meant to be edited and managed by the user while remaining secure application-wise).
Unix also utilises a different file management system (UFS – the Unix File System), allocating everything to a home directory (referenced as ~ or “root”) and putting everything into the same hierarchical file tree (including external devices, which are mounted to the original tree and treated as part of it). A flowchart can be seen below of an example Unix file system:
This allows for everything to fall under one file system, and only requires one central set of permissions.
This is usually expressed as users in a system being either a standard “user” or a “sudo” (SuperUserDo – the equivalent of an administrator in Windows). These roles dictate what a user can and can’t do with the operating system, including limiting access to system files and certain applications.
All applications by default are run with the same permissions as a “user” (i.e. they can’t access any information that isn’t application specific) and are only able to run with these permissions if explicitly allowed by the user (by either a pop-up or using the “sudo” command).
Unix is very secure by design. The main protection on any Unix-based operating system is that running an executable (such as .app in macOS, and .exe in Windows) is much more difficult. Executables cannot be processed without explicit permission, as all processes in Unix are designed to be equal. This often comes in the form of a pop-up in macOS (which requires you to enter your password, or use Touch ID) in order to allow any third-party application to run.
Therefore, removing viruses from Unix-based systems is much easier, as viruses can only infect user accounts, and the root (super-user) account remains intact. This essentially allows you to use the “root” account to remove the rogue processes and files on any user account and make it safe again.
This is different on an operating system such as Windows, where applications are able to, by default, have access to information that is not application specific (i.e. potential administrator access, and personal information).
Although applications often ask for administrator access, it is not the case for all applications, with Task Manager being an example (as it runs in “Administrator” mode no matter what you choose).
This poses a lot of potential security risks, and it is combined with Windows treating files in containers (such as C: (the Windows install), D: (removable media) and E:, F:, G:, etc. (other internal drives)), which all have separate permissions. This potentially allows one drive to get more permissions than others, and can make exploits easier to carry out.
macOS is unique in having everything run in a “sandbox” (i.e. every application runs in complete isolation from the others, with a limit on the amount of resources that any application may take up, and behaves very similarly to a virtual machine). This can be seen in macOS when one application is crashing: you are still able to use any other application just fine.
This overall basic change in philosophy sets up Unix-based operating systems (like macOS) to be very secure, although it does not make them immune from exploits or viruses.
Should you encrypt your drive?
Drive encryption is something that you may have missed when you first set up your Mac. It allows all the data on your computer to be “encrypted” (i.e. changed to look like a large string of random characters that can only be “read” when unlocked).
This is great if your laptop is stolen, as nobody would be able to decrypt the drive without the password (this includes you if you forget the password, so keep it safe). However, this will not stop any viruses from accessing your data when the computer is on and unlocked.
Should you get an anti-virus for your Mac?
You may be wondering if it’s worth getting an anti-virus at all. This depends purely on what you do on your Mac.
If you are a sensible and conscious person who only visits reputable websites (and ensures those websites use HTTPS when accessing them), and doesn’t click on any suspicious links, the chances of getting a virus are incredibly low.
In my opinion, an anti-virus isn’t worth the investment, although it can offer you some peace of mind. I’ve found that macOS’ default protections are able to weed out a good amount of viruses, and paired with a good browser, should block any suspicious downloads, and not allow for them to run.
If you’re someone who engages in behavior that is shady (I do not condone doing so), you are putting yourself at a much higher risk of your computer becoming infected, especially if you do things such as installing pirated software and movies (this is particularly risky, as it is obvious that you are using macOS, and malware can be made to suit that). The best course of action in this case is to simply stop engaging in that behavior, and to use an anti-virus to remove any potential infections.
What anti-virus should I use?
The most complete packages that I could find for macOS are Avast and Bitdefender. They both feature good scan speeds, good detection and very usable free plans. I would recommend the free plan for your average user, as it is able to remove common (and some rare or more exotic) malware spanning a large range of exploits.
If you’re looking for an alternative anti-virus, I highly recommend investing some time and looking at a large selection of reputable reviews. This software, after all, is responsible for keeping you safe online, and may pose a security risk in itself if you use an illegitimate one.
What if I use a VPN?
Using a VPN doesn’t stop any kind of virus from being downloaded, but it does allow you to bypass any local restrictions that may prevent you from using certain websites, or accessing certain information (such as Netflix for example).
It does allow for a more secure internet connection if you are on public or open Wi-Fi, which is susceptible to man-in-the-middle attacks (i.e. someone pretends to be a certain website), as you are using a more secure protocol, while being able to browse the internet as if you were on a more secure network overall.
If you are going to use a VPN, I would strongly recommend using Private Internet Access. I have personally been a user of Private Internet Access for quite some time, and I have found it to be a solid-performing VPN service. It’s also the VPN we use here in the office. Here’s an affiliate link if you want to check it out.
If you are using a VPN, I would also strongly recommend turning on the firewall (which is disabled by default). The built-in macOS firewall is more than enough in my experience to stop unauthorised IPs from communicating with your machine.
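The two settings recommended above, drive encryption (called FileVault on macOS) and the built-in firewall, can both be checked from Terminal. The script below is an added example, not part of the original article; its function names are illustrative, and it assumes the status text printed by the stock `fdesetup` and `socketfilterfw` tools.

```shell
#!/bin/sh
# Added example: report whether FileVault and the macOS firewall are on.
# Each classify_* function takes the text the real tool prints and
# returns "on", "off" or "unknown" (tool missing or unexpected output).

FW_TOOL=/usr/libexec/ApplicationFirewall/socketfilterfw

classify_filevault() {   # input: output of `fdesetup status`
  case "$1" in
    *"FileVault is On"*)  echo on ;;
    *"FileVault is Off"*) echo off ;;
    *)                    echo unknown ;;
  esac
}

classify_firewall() {    # input: output of `socketfilterfw --getglobalstate`
  case "$1" in
    *"Firewall is enabled"*)  echo on ;;
    *"Firewall is disabled"*) echo off ;;
    *)                        echo unknown ;;
  esac
}

# "ok" only when both protections are confirmed on; anything else,
# including "unknown", is flagged for a manual look in System Settings.
verdict() {
  if [ "$1" = on ] && [ "$2" = on ]; then echo ok; else echo review; fi
}

# Run a tool only if it exists, so the script degrades to "unknown"
# instead of failing on a machine that is not a Mac.
run_tool() { command -v "$1" >/dev/null 2>&1 && "$@" 2>/dev/null || true; }

audit() {
  fv=$(classify_filevault "$(run_tool fdesetup status)")
  fw=$(classify_firewall "$(run_tool "$FW_TOOL" --getglobalstate)")
  echo "filevault=$fv firewall=$fw verdict=$(verdict "$fv" "$fw")"
}

audit
```

A result of `review` means at least one of the two settings is off or could not be read.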
So, what’s the verdict?
Although macOS is slightly more secure than Windows by design, it is still susceptible if you engage in shady behaviour, such as pirating cracked software or movies.
I would recommend having the free version of Avast or Bitdefender on your Mac, as it allows for a good level of protection, although the chances of your system becoming infected with a virus while doing normal work and exercising common sense are very low.
I would recommend exercising caution in general on the web, especially as our machines start to hold more and more personal information.