The Mac Security Blog

Apple + Recommended + Security & Privacy

macOS Sierra: Security and Privacy Features Overview

Posted on by

macOS Sierra Security and Privacy Features

macOS Sierra is here! Aside from the new naming convention — no more OS X — Sierra has lots of new features. It brings Siri to the desktop, provides a useful new Universal Clipboard feature, lets you store some of your personal documents on iCloud Drive, brings tabs to more apps, offers picture-in-picture video, and more.

With the release of macOS Sierra 10.12, Apple also introduced some new security features worth noting. Here’s an overview of Sierra’s new security and privacy features.

Basic Security Features

To learn about the basic security features in macOS Sierra, you can start by looking back at some articles I’ve written in the past couple of years. For last year’s release of El Capitan, I covered OS X 10.11’s new security features; the year before, I looked at OS X 10.10 Yosemite’s security and privacy features in detail.

Goodbye Flash, Hello HTML5

Apple sounded the death knell for Flash many years ago, with Steve Jobs famously calling out the security risks of this plug-in. Apple has been phasing out Flash over the years, and they’ve made a big change with Safari in macOS Sierra.

Safari will no longer tell websites which plug-ins are installed on a user’s computer. This means that any website that offers video or other rich media in HTML5 and another format — generally Flash — will no longer know that it can provide Flash content to Safari users. Websites that use these two formats generally try to use Flash first, and, if it is not available, use HTML5 instead. Now, since Safari doesn’t tell websites that Flash is available, HTML5 will be used.

There are, of course, some older websites that only offer content in the Flash format. In this case, you may see an error message saying that you need to install Flash. You can do so if they want, but even if you do, other websites won’t default to use Flash when you visit them.

A Safer Way to Pay on the Web

You’re probably familiar with Apple Pay by now, the system that lets you easily pay for purchases using your iPhone, iPad, or Apple Watch. Apple has rolled out Apple Pay for the Safari web browser, providing enhanced security for online transactions. You can use it already on the Apple website, but it may take a while before you start seeing it on other websites. Note that Apple Pay on the web requires that you have an iPhone 6 or later running iOS 10, or an Apple Watch running watchOS 3. It will only be available with Safari, but it’s likely that Apple will extend support in the future.

Universal Clipboard

An interesting feature in macOS Sierra is the Universal Clipboard. If you have the Handoff feature turned on — the setting for this is in the General preferences — you can copy an item on one Apple device and paste it on another. For example, you copy a link or a bit of text on your Mac, and you can paste it into an app on your iPhone. The copied text is immediately available on the other device’s clipboard.

Universal Clipboard isn’t actually a security feature, but can be helpful in keeping your data secure. People sometimes need to copy a password, credit card number, or other information from their Mac and get it to their iOS device. Instead of sending sensitive information by email, which is insecure, you can use the Universal Clipboard to ensure that any data you send from one device to another is sent securely. Only those devices that are logged into your iCloud account can receive the data, and it automatically deletes two minutes after you copy it.

Unlock Your Mac with Your Apple Watch

Wouldn’t it be great if you could set a very secure password for your Mac, but not have to type it? Well, you can, if you have an Apple Watch. Go to Settings > General > Security & Privacy, and click the General tab. Check Allow your Apple Watch to unlock your Mac. When you near your Mac, the presence of your watch will tell the Mac that it’s you, and unlock it. The only requirement is that you have already set up two-factor authentication. See this Apple support document for more on setting up two-factor authentication.

A Stronger Gatekeeper

Apple introduced Gatekeeper in OS X Mountain Lion. This security feature protects users from unwittingly opening malicious applications. The first time you open an application, your Mac asks you to confirm that you really do want to open it. Depending on your Gatekeeper settings, your Mac may refuse to open certain apps. Gatekeeper offered three options: you can open apps downloaded only from Apple’s App Store, you could open apps from the App Store and identified developers, or you could open apps from anywhere.

In macOS Sierra, the Anywhere option is gone. Now you only have two options. However, you can still open any app by right-clicking its icon, choosing Open, and then confirming that you want to open it. So you are not prevented from opening any apps, you are simply protected against opening apps from unidentified developers.

This said, I installed Sierra on two Macs and both of them offer the Anywhere option. Other people I know still see this option as well, and it’s not clear why some do and some don’t. There is a Terminal command you can run to disable this new limit, but I have never run this command.

A New File System

Apple is introducing Apple File System, a new way of storing files on disks and other media. As Apple says:

“Apple File System is a new, modern file system for iOS, macOS, tvOS, and watchOS. It is optimized for Flash/SSD storage and features strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals.”

Now, you may not understand everything in the paragraph above, but it’s fair to say that this is the biggest under the hood change in the Mac’s operating system in a very long time. Encryption will be better and more efficient, and your files will be more secure because there is less of a risk of losing them if your computer or device crashes or shuts down. Time Machine will also be improved, because Apple File System will be able to record snapshots of your files.

Apple File System will debut in 2017, before the next major update to macOS, and you will be able to update your drives to Apple File System on the fly. It’s not available now, but if you want to find out more, you can read Apple’s Frequently Asked Questions about Apple File System on their developer site.

Under the Hood Security

There are lots more new security features under the hood that average Mac users don’t need to know about, but that help make macOS the most secure desktop platform. So don’t delay, upgrade to macOS Sierra and take a few minutes to check out these new security and privacy features to ensure that your data is secure.

Have something to say about this story? Share your comments below! 

About Kirk McElhearn

Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →