Increased productivity is a good thing, but unsanctioned and unregulated AI use poses risks. A February 2025 TELUS Digital survey found that 57% of enterprise employees admit to entering high-risk information into publicly available chatbots. This includes personal data about employees or customers, product or project details, and confidential financial information like revenues, profit margins, budgets, and forecasts.

A clear AI policy will help a business minimize the risks of using AI tools. These risks include leaks of confidential information, compliance failures, accidental copyright violations, and reputational damage. As AI becomes a routine part of knowledge work, every business—even small firms—must establish an AI policy to maximize the benefits of using AI while safeguarding the company, its employees, and its clients.

Risks Addressed by a Formal AI Policy

Unauthorized AI use can create several types of problems:

• Data security: Employees routinely paste sensitive data—including customer information, financial records, and unreleased products—into public AI tools, thereby losing control over how that data is used. That can make security audits nearly impossible and drive IT staff crazy. Notably, the free versions of ChatGPT (by default, it can be turned off) and Google’s Gemini can incorporate user data into their training models, making it possible that the information could be included in a discussion with someone else.
• Legal and compliance risks: Sharing protected information with non-compliant AI systems could result in penalties during regulatory audits, even if no actual data breach or harm occurs. For instance, using such systems to summarize patient records could violate HIPAA, while using them to analyze customer data could run afoul of the California Consumer Privacy Act (CCPA).
• Unintentional discrimination: Without clear guidelines, the use of AI can lead to unintentional discrimination in hiring, customer service, and decision-making. This may violate ethical standards and expose the company to legal liability.
• Employee confusion: The lack of a coherent AI policy leads to inconsistent practices and uncertainty about acceptable tools and proper procedures, resulting in reduced productivity and increased anxiety about AI use.

Essential Elements of an AI Policy

The specifics of an AI policy vary by the type and size of company, but at minimum, most AI policies should include the following:

• Permitted AI uses and tools: Clear guidelines on the types of tasks employees may undertake with AI assistance and a list of approved AI platforms for business activities
• Data privacy and legal compliance: Rules for safeguarding confidential, personal, and proprietary information when using AI, coupled with rules that ensure adherence to relevant industry-specific regulations and privacy laws
• Human oversight and transparency: Requirements that employees thoroughly review AI-generated content before use and disclose AI involvement when appropriate in client-facing or public materials
• Risk reporting and incident response: Clear instructions for reporting AI-related errors, security incidents, or potential misuses
• Ownership and intellectual property clarifications: Statements affirming that work products created with AI assistance belong to the company. These statements should also address any intellectual property considerations.

Building Your AI Policy

If your company doesn’t already have an established process for generating policies, AI tools can themselves provide a starting point when used thoughtfully. Here’s an approach:

1. Prompt an AI tool like ChatGPT or Claude to generate a basic AI policy template. Be explicit about your company’s size, industry, and other relevant details, and be sure to specify that it must cover the elements listed above—you can paste them in. Iterate as necessary until the template has all the required sections.
2. Review the generated template carefully, removing generic content and noting areas that need company-specific details.
3. Ask for feedback on the draft from key stakeholders, including:
   • Leadership to align with company goals and values
   • IT team to verify technical feasibility and security measures
   • Legal counsel to ensure compliance with relevant regulations
   • Department heads to confirm that it will be practical to implement the policy
4. Incorporate the feedback to create a policy that reflects your company’s specific needs while maintaining necessary protections.

Remember: An AI-generated template is for starting the conversation. The final policy must be tailored to your organization’s specific needs and thoroughly vetted by relevant stakeholders.

The rise of AI tools in the workplace isn’t just a trend—it’s a fundamental shift in how work gets done. Whether your employees are already using AI tools without oversight or are hesitant to use them due to uncertainty, now is the time to establish a formal AI policy. Start with the template approach outlined above, engage your stakeholders, and develop guidelines that work for your organization. A well-crafted AI policy will help your business harness the benefits of AI while minimizing its risks.

MacTech Solutions can assist you  in business-to-business networking solutions.  Give us a call today!  940-767-MACS (6227).  MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls. Open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/girafchik123)

The post Why Every Business Needs an AI Policy first appeared on MacTech Solutions.

Passwords versus Passkeys

Traditional multi-factor authentication involves three methods of authentication, at least two of which are required for protection. They include something you know (a password), something you have (usually a code from an authenticator app or text message), and something you are (biometric authentication). Most systems primarily use the first two, but that leaves room for attack because someone could acquire your password and an authentication code through nefarious means.

Passkeys change the model. Instead of how passwords and codes use words and numbers that can be copied and shared, passkeys are pairs of cryptographic keys: a public key and a private key. Websites keep the public key, and the private key is stored securely within a device or encrypted vault, such as in the Secure Enclave in Apple’s chips or a 1Password vault. Authenticating with a website requires providing the private key that matches the account’s public key, something that Apple users with modern devices can usually initiate with Touch ID or Face ID.

Instead of generating security with something you have and something you know, passkeys rely on possession (do you have the device?) and presence (are you physically in front of the device?). This approach is fundamentally more secure than passwords because the private key can’t be phished, copied, or used remotely, and you must be physically present to unlock your device. Nor can you be tricked into providing a passkey to a malicious website. (Neither approach protects against physical coercion.)

Where Can You Use Passkeys?

In practice, since you use passkeys primarily to sign into websites, passkeys are stored alongside account details in your password manager. For Apple users, Safari (in iOS 16 or macOS 13 Ventura and later) with Apple’s Passwords app provides the most integrated passkey experience. However, most independent password managers, such as 1Password, Bitwarden, and Dashlane, also enable you to store, share, and enter passkeys and can take over for or work alongside Apple’s Passwords. They provide consistent passkey functionality across all major Web browsers, although experiences may vary slightly due to differences in how they handle authentication prompts and platform integration.

You’ll also find robust support in the Password Manager built into Google Chrome and other Chromium-based browsers, including Arc, Brave, Edge, Opera, and Vivaldi. Firefox’s native passkey support is more limited, but third-party password managers work well with Firefox. 

Although website support for passkeys was initially slow, an increasing number of sites now support them. That includes the big three of Apple, Google, and Microsoft, of course, as well as Amazon, Best Buy, Discord, eBay, GitHub, Intuit, Netflix, Notion, PayPal, Robinhood, Stripe, Target, Walmart, and WhatsApp.

Setting Up Passkeys

The process of setting up passkeys varies a little by website, but is generally remarkably easy. You may be prompted to create a passkey while signing in, or you may need to navigate to the security options associated with your account.

Google offers both approaches. Setting up a passkey for a Google Account can be as simple as agreeing to do so while logging in. If you’re already logged in, Google’s Passkeys and security keys page lets you make one. Once you click Create a Passkey, you’ll be prompted to save it in either Apple’s Passwords or another password manager like 1Password. That’s it.

Note that if you use both Passwords and another password manager, you can save the passkey in only one, and only that one can use it to sign in later. However, most sites that support passkeys let you add multiple passkeys, so you could save separate passkeys in different password managers.

Signing in with Passkeys

Similarly, using a passkey to sign in is trivially simple. You navigate to the website’s login page, enter your username, choose the passkey sign-in option if necessary, and then authenticate.

Exactly how you authenticate depends on the device you’re using and your password manager. On the Mac, Passwords will ask you to use Touch ID if available (above) or a dialog otherwise (below, left). 1Password, once unlocked for the session, presents a dialog with a Sign In button (below right).

On the iPhone and iPad, an authentication dialog appears at the bottom of the screen asking if you want to sign in with your passkey. Tap Continue and authenticate with Face ID or Touch ID (with a fallback to your passcode if necessary).

Unsurprisingly, Apple makes it particularly easy to sign in to Apple websites like iCloud.com using a passkey. As soon as you navigate to such a site in Safari, the device prompts you to sign in using your current Apple Account username and an implicit passkey.

When using other browsers or another Mac that lacks access to your passkey, selecting the passkey sign-in option displays a QR code that you need to scan with an iPhone or iPad that has the passkey stored on it.

Managing and Sharing Passkeys

As noted, passkeys are stored in accounts managed by a password manager. In fact, passkeys are currently stored alongside passwords in each account. There’s nothing to see or edit, although you can delete passkeys like any other data. Although deleting the passkey on your device guarantees that it can’t be used to sign in again, it’s best to also delete the passkey at the website where you created it to avoid confusion.

Passkeys are automatically synced among all your devices by the password manager so you can take advantage of them everywhere, but note that syncing is specific to just one password manager—for instance, iCloud Keychain doesn’t sync with 1Password or other third-party managers. The authentication method varies by device, but the overall experience remains the same. 

You can also share passkeys with other people in your family or workgroup, just as you would with password-only accounts. They can log in to your passkey-protected accounts because they can prove possession (they have the passkey) and presence (they’re authenticating). In essence, you’re saying, “This person is authorized to act as the account holder.”

Passkey Concerns

Although passkeys are a big step forward in usability and security compared to passwords, they’re not without limitations or concerns, which have slowed adoption:

• Account recoverability: Because passkeys are tied to devices, if a user loses all their devices and doesn’t have a cloud backup option (such as registering a new iPhone to an existing Apple Account or adding a new device to a 1Password account), it’s impossible to recover an account. This is primarily a concern for those who have only a single device and no one with whom to share.
• Sharing hurdles: If you want to give someone else passkey access to an account—perhaps a shared bank account—you must log in on their device and then create an additional passkey that is stored on their device. 
• Lack of portability: Although passkeys can be synced between devices using the same platform (iCloud Keychain, 1Password account, etc.), there’s no way to export a passkey from one platform and import it into another. You have to recreate passkeys from scratch for each platform. Vendors are working on the problem, but as you can imagine, enabling export/import opens up security concerns. 
• User confusion: People are, understandably, still unfamiliar with passkeys, leading many to avoid them on principle. It hasn’t helped that using passkeys is slightly different on every website. The industry is working to standardize the user experience, but we’re not there yet.
• Passwords still exist: No major websites allow passkey-only accounts. Since all accounts still have passwords that can be stolen, passkeys aren’t increasing security nearly as much as they could.
• Enterprise support: Large organizations want to know if a passkey was generated on a secure device, if it can be revoked or rotated, and if the user employing the passkey has truly been verified. Support for these requirements is still evolving.
• Digital inheritance: When passkey-only accounts become commonplace in the future, passkeys may be more challenging to manage in situations involving the user’s death. For now, the solution is to share passkey-protected accounts with family members in advance using a password manager. The industry would do well to establish standards around this inevitability.

Nonetheless, the perfect shouldn’t be the enemy of the good. Passkeys improve on passwords in both usability and security, and the best way to get to an easier, more secure future is to start using passkeys wherever possible today.

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/tanit boonruen)

The post Why Passkeys Are Better than Passwords (And How to Use Them) first appeared on MacTech Solutions.

We’ll assume that you already keep your devices up to date, use FileVault on Macs, have at least a six-digit iOS passcode, have strong password habits, and use multi-factor authentication wherever possible. Other options are more specific to travel.

As with our more general article about increasing security last month, we’ve divided our list of suggestions into two parts: things that everyone should do and measures that only people who worry about being specifically targeted should employ.

Sensible Travel Security Precautions for Everyone

These suggestions are appropriate for everyone who travels, and they’re aimed primarily at avoiding relatively common problems: loss, theft, data loss, and generalized snooping:

• Focus on physical security: As a tourist, you may be targeted by thieves, so it’s important to keep your iPhone in a secure pocket whenever you’re not using it. Carry an iPad or laptop in a bag that can’t be snatched, or leave them locked or at least concealed in your hotel room.
• Enable Find My for all your devices: You should have already done this, but if not, enable Find My to improve your chances of finding a device you lose or accidentally leave behind. It might help if the device is stolen, but local police cooperation for recovering stolen items can vary widely. Don’t attempt to recover a stolen device yourself.
• Put AirTags in your luggage and laptop bags: AirTags can help you track down lost luggage—you can now share their locations with airlines—and prevent you from accidentally leaving bags behind. An AirTag may also help with locating a stolen item, but always work with local law enforcement.
• Enable biometric authentication and Stolen Device Protection: Using Face ID or Touch ID wherever possible and having Stolen Device Protection enabled on your iPhone in Settings > Face/Touch ID & Passcode is even more important when traveling.
• Use a VPN or iCloud Private Relay: Because you may be using Wi-Fi networks whose security you know nothing about, it’s best to use a VPN like Mullvad VPN, NordVPN, or ProtonVPN to encrypt all your traffic. At a minimum, use iCloud Private Relay, which requires an iCloud+ subscription and won’t encrypt traffic from most non-Apple apps.
• Use iCloud Photos or another backup option: To ensure you don’t lose precious vacation photos, use iCloud Photos so all your photos are uploaded to the cloud whenever you have access. This will almost certainly require an iCloud+ subscription for sufficient storage space. If Wi-Fi and cellular are too slow or unavailable, consider an external SSD to which you can manually export photos and videos for backup. To speed up the process, you could create a shortcut that automatically copies all photos taken that day.
• Use iCloud Backup: It’s best to use iCloud Backup to back up your entire iPhone every night. That way, if your iPhone is lost or destroyed, you may be able to buy a replacement and restore from backup in relatively little time. You will probably need an iCloud+ subscription to have enough backup space.
• Practice dealing with a lost or stolen device: If the worst happens and you lose one of your devices while traveling, you need to know what to do. Immediately go to Find My on another device or iCloud.com and mark the device as lost. If there’s a chance of getting it back, stop there. However, if you believe the device was stolen, your data is at risk, and tracking it is no longer useful, use Erase This Device in Find My to wipe it. Activation Lock will remain enabled to prevent anyone from reusing the device.

Increasing Travel Security for People Who May Be Targeted

Not all travel is fondue and gamelans. If you’re a journalist, activist, government employee, or corporate executive with access to sensitive data, you could be a target while traveling. This is particularly true if you are headed to countries like China, Russia, or others with authoritarian governments and powerful intelligence agencies. Along with the suggestions above, we recommend:

• Be aware of local laws and government practices: It’s important to read up on regional laws regarding data access and potential government capabilities at your destination. Knowing what to expect can help you reduce your risks and take appropriate precautions.
• Use caution with cellular access: Even if your carrier allows roaming, consider using a dedicated eSIM for international travel, separate from your personal one. That way, you can use local cellular networks without revealing your home number. Be aware that your traffic may be monitored.
• Enable Lockdown Mode: If you’re concerned about your iPhone or iPad being targeted by local law enforcement or government intelligence agencies, turn on Lockdown Mode in Settings > Privacy & Security > Lockdown Mode. To increase security, it blocks most attachment types in Messages, complex Web technologies, incoming FaceTime calls from unknown callers, non-secure Wi-Fi network connections, and incoming invitations to Apple services. Plus, it excludes location information from shared photos, requires approval to connect accessories, and more.
• Reduce and protect your use of cloud services: While using a VPN is essential, you should still avoid using cloud services much if government entities might have access to stored files. If you need to upload files, encrypt them first using the free and open-source Cryptomator.
• Know how to disable Face ID and Touch ID: If you find yourself in a situation where you believe you may be compelled to unlock your iPhone or iPad with your face or fingerprint, press and hold the side or top button and either volume button to display the power off slider. This temporarily disables biometric authentication, requiring your passcode for the next unlock.
• Use dedicated travel devices and accounts: If you’re traveling to a potentially hostile part of the world, we strongly recommend carrying only devices—preferably iPhones or iPads, which are more secure than Macs—configured to contain none of your personal data or regular accounts. Keep them with you at all times, assume they could be confiscated, and be aware you might be compelled to share passcodes or other account information. Create a separate Apple Account for such devices.

Best of luck in your travels! With just a little preparation, you can reduce the chances that something bad will happen during a vacation. If you’re traveling on business to somewhere more concerning, putting in additional effort could prevent truly problematic things from happening.

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/metamorworks)

The post Security Precautions to Take While Traveling first appeared on MacTech Solutions.

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image based on an original by iStock.com/Armastas)

The post Don’t Assume That Top Google Search Results Are Guaranteed Safe first appeared on MacTech Solutions.

No one is sticking floppies to their fridge anymore, but we still occasionally see the modern equivalent: saving data or documents in places that are likely to disappear. Just as you shouldn’t write the only copy of essential information on an easily erased whiteboard, you shouldn’t store important data in any of these locations:

• Unsaved documents: While autosave is becoming more common, it isn’t universal and often doesn’t activate until a document has been saved for the first time. When you create a new document, always save it right away, before you do anything else. Otherwise, you risk losing all your work if the app crashes, the Mac kernel panics, or the power goes out.
• Trash: We know, we know! Who would put something in the Trash that they want to keep? But it happens. Don’t do that! On the other hand, there’s also no reason to empty your Trash regularly unless you’re low on space. A good compromise is to choose Finder > Settings > Advanced and select “Remove items from the Trash after 30 days.” This way, you’ll always have a 30-day grace period to recover mistakenly deleted items.
• Clipboard: Most people know that the clipboard serves as a temporary holding place, overwritten with each new Copy or Cut. However, if you’re unaware of this, you might write something lengthy, use Cut to place it on the clipboard with the intention of pasting it elsewhere, and then forget to do so right away, resulting in data loss on the next use of Copy or Cut. Always paste anything you cut immediately. Many utilities (such as Copy ‘Em, Keyboard Maestro, LaunchBar, Pastebot, and Raycast) provide clipboard history so you don’t lose clipboard data immediately, but you still shouldn’t rely on it persisting indefinitely.
• Email Drafts mailbox: There’s nothing wrong with starting an email and coming back to it later to finish—that’s the point of the Drafts mailbox. It’s also a sensible way to begin a message on one device and complete it on another. However, avoid storing anything in Drafts for an extended period, and be aware that items there may disappear without warning. (And never, ever store anything in your email Trash mailbox—it will be deleted eventually.)
• Temporary folders: Thanks to its Unix roots, macOS includes several temporary folders, one located at /tmp and others specific to each user. These folders are cleared regularly, such as when the Mac is restarted, left idle for a long time, or when drive space is low. Storing important data in a temporary folder is a digital version of Russian roulette.
• Downloads folder: Although the Downloads folder isn’t inherently volatile, it’s unwise to store anything important there. You might forget about that document while tidying up and accidentally delete it, or you might use a cleanup tool in the future that does it for you.
• USB flash drives: There is nothing wrong with putting files on a USB flash drive. However, avoid storing the only copy of an important file on one, as it is too easy for the drive to be lost or damaged.
• Public computers, virtual machines, and sandboxed environments: This scenario is unlikely but not impossible. Imagine you’re working on a public computer in a lab and save a file on the desktop. When that computer reboots, it will likely delete all data to return to a fresh state for the next user. The same could apply to a virtual machine used for testing or a sandboxed environment that you log in to remotely.

There are also a few locations that generally aren’t problematic but deserve extra attention due to the higher likelihood of losing data:

• Third-party app folders in ~/Library: Some apps store their data in folders they maintain within your user account’s Library folder. While this is acceptable for data managed by those apps, we advise against putting anything else in these folders since it’s impossible to know how the app might deal with data it doesn’t recognize during a cleanup or major update.
• Desktop: It’s fine to work on documents stored on the desktop, but we recommend filing them away carefully when you’re finished. If you frequently move files in and out of your desktop, it’s all too easy to delete something important accidentally. Additionally, if you have iCloud Drive’s Desktop & Documents folder syncing enabled, you might unintentionally delete files from another Mac due to being in a different context.
• Box, Dropbox, Google Drive, iCloud Drive: Cloud storage services are entirely acceptable locations for important data, but they all offer options that store files only online, downloading them only when necessary. These options may prevent online-only files from being accessible when you’re offline or from being backed up locally. Worse, if you share cloud storage with others for collaboration, they could accidentally delete your data. Be sure to enable any available version history options and ensure everything is backed up locally.
• External drives or network storage: Many individuals and organizations store essential files and data on external drives and network storage. This approach is perfectly valid, provided that these locations are backed up. When designing your backup system, remember to include your external drives, network servers, and NAS devices. Lastly, if an external drive is encrypted, ensure that you have a backup of both its data and the decryption key.

If you want to avoid all these issues, save your files in your Documents folder and make sure you have a solid backup strategy.

Don’t Leave Your Important Work to Chance

At MacTech Solutions, we’re jealously protective of our customers’ data — and we can help you build a backup strategy that fits your life.

Whether it’s organizing your files, setting up Time Machine, or choosing the best storage options, you don’t have to do it alone.

Visit MacTech Solutions today in Finishing Touch Plaza, Wichita Falls — and let’s keep your digital life safe, secure, and stress-free.

(Featured image based on an original by iStock.com/shutjane)

The post Never Save Your Work in These Locations first appeared on MacTech Solutions.

The effort and inconvenience that different people are willing to endure also vary. Higher levels of security often necessitate significant effort and inconvenience. We have divided our list of suggestions—roughly organized from easiest to hardest—into two sections: actions we believe everyone should take and security measures mainly for those most concerned and willing to tolerate some fuss.

Before we delve into the details, it is important to remember that privacy and security are not the same thing. Privacy refers to the proper collection, use, and governance of personal data. Security, conversely, is concerned with protecting data from unauthorized access and malicious threats. It entails defending data against external dangers, while privacy ensures that the management and use of that data adhere to agreed-upon standards.

Security Improvements for Everyone

These actions are generally beneficial for most users. They don’t require much technical knowledge and can often be accomplished with easily accessible tools and settings:

• Keep apps and operating systems up to date: Nearly every operating system update from Apple addresses numerous security vulnerabilities, and the same is often true for major apps. Always ensure you’re running current versions to take advantage of all those security improvements.
• Enable FileVault: While all data on the internal SSDs of Macs with Apple silicon and Intel-based Macs with the T2 chip is automatically encrypted to prevent unauthorized access if the SSD is removed, it is automatically decrypted whenever the Mac boots, even before you log in. To link decryption to your user account, which makes your login password necessary to decrypt all data, enable FileVault in System Settings > Privacy & Security > FileVault. There are essentially no drawbacks.
• Improve your passcode: For nearly a decade, it has been easy to set a six-digit passcode on the iPhone and iPad, greatly enhancing security compared to the previous standard four-digit passcode (1 million possible combinations versus only 10,000). If you still use four digits, consider switching to six digits, a custom number of digits, or a custom alphanumeric passcode in Settings > Face ID/Touch ID & Passcode > Change Passcode > Passcode Options. Alphanumeric passcodes offer the highest level of security but are more challenging to type.
• Turn on biometric authentication and Stolen Device Protection: If you aren’t already using Face ID or Touch ID on your iPhone or iPad, that’s a mistake. Both provide significantly stronger security than repeatedly entering your passcode, which could be observed. Turn on biometric authentication and Apple’s Stolen Device Protection in Settings > Face/Touch ID & Passcode.
• Adopt strong password habits: If security matters at all to you, you must use a strong, unique password for each online account and never reuse a password. It’s easy and secure as long as you create and store passwords with a password manager like Apple’s Passwords or 1Password.
• Enable MFA whenever it’s available: Multi-factor authentication greatly enhances security, safeguarding you even if your password is compromised in a breach. It typically requires entering a six-digit code that you retrieve from an app or receive via text message. Apple’s Passwords and 1Password can both automatically enter MFA codes for many websites.
• Use an ad blocker: Much of today’s surveillance society relies on ads to track you. Anything you can do to block ads will enhance your privacy, so use ad blockers whenever possible. Highly regarded options include 1Blocker, AdGuard, NextDNS, and uBlock Origin.
• Enable privacy and security features in Web browsers: Safari can prevent cross-site tracking and hide your IP address, along with other privacy and security features. In Safari > Settings, review all the options in the Privacy and Security screens and enable those that are appropriate. (Keep cookies and JavaScript enabled; many sites won’t function properly without them.) If you don’t use Safari, choose Brave or Firefox instead of Google Chrome.
• Utilize secure DNS services: To enhance browsing privacy and protect against DNS leaks, configure your devices to use a privacy-focused DNS service like Cloudflare’s 1.1.1.1 or Quad9’s 9.9.9.9.
• Minimize app exposure: Be vigilant about iPhone or iPad apps that might be sharing information about you with data brokers without your knowledge. Specifically:
  • Turn off Settings > Privacy & Security > Tracking > Allow Apps to Request to Track.
  • Rescind location tracking permissions for all apps except those that require it, such as navigation or weather apps, in Settings > Privacy & Security > Location Services.
  • Delete apps you’re not using to prevent them from spying on you.

Security Improvements for the Particularly Concerned

Implementing these actions may require extra steps, specialized knowledge, or significant changes in habits. They’re primarily for those with heightened concerns or those at greater risk, such as journalists, activists, and individuals handling sensitive data:

• Use independent search engines: Google and Microsoft are known for collecting information about their users. To keep your searches private, use a search engine that prioritizes privacy, such as DuckDuckGo, Brave Search, Kagi, or Startpage.
• Protect network traffic: While we used to recommend ensuring you were using secure HTTP (HTTPS) connections, that’s now the bare minimum. For greater privacy while browsing the Web with Safari, turn on iCloud Private Relay in Settings/System Settings > Your Name > iCloud > Private Relay. (This requires an iCloud+ subscription and won’t encrypt traffic from most non-Apple apps.) More broadly, you can safeguard all your traffic by using a trusted VPN service like Mullvad VPN, NordVPN, or ProtonVPN.
• Activate Advanced Data Protection: End-to-end encryption (E2EE) keeps your online data private from everyone, including cloud providers. However, it requires you to manage your encryption keys, which means no one can help recover your data if you lose those keys. You can enable E2EE with Apple services using Advanced Data Protection; turn it on in Settings/System Settings > Your Name > iCloud > Advanced Data Protection.
• Use encrypted messaging: The iMessage system used by Apple’s Messages app for blue bubble conversations is highly secure, particularly with Advanced Data Protection enabled. However, for the most secure messaging with E2EE, look to Signal. While WhatsApp also offers E2EE, its backups might not be encrypted, and its parent company, Meta, is one of the most egregious privacy abusers on the planet.
• Regularly review and revoke permissions: Periodically check and manage app permissions on your device to ensure that no apps have unnecessary access to sensitive information, such as your contacts or location. Work through the options in Settings/System Settings > Privacy & Security and revoke permissions for anything that seems inappropriate. Apps that require additional permissions will always prompt you again.
• Encrypt cloud-stored data: To ensure that cloud storage services like Box, Dropbox, Google Drive, and OneDrive cannot read your data, use the free and open source Cryptomator to encrypt it first.
• Use encrypted email: While it’s impossible to ensure that email will remain private because you can’t control your recipients’ actions, the most privacy-focused email services are ProtonMail and Tuta Mail. They employ E2EE for emails sent to other users of the same service and allow the encryption of email messages sent to any external recipient.
• Reduce reliance on cloud services: If you have general concerns about cloud services, consider exploring peer-to-peer alternatives that remove the need for a central provider. You can find peer-to-peer solutions for file storage, file sharing, chat and messaging, videoconferencing, collaborative documents, cloud-based notes, and more.
• Avoid social media: Posting on social media, especially on platforms owned by large corporations, allows those companies to create a comprehensive profile of you that is shared with advertisers and is vulnerable to data breaches. Further, any information you disclose about yourself could be exploited by hackers in social engineering attacks targeting your accounts. Consider replacing social media with independent forums devoted to your interests and private messaging spaces for friends and family.

Ultimately, enhancing privacy and security is your responsibility. Apple and other companies may offer tools to assist, but it’s up to you to implement them and stay vigilant against new threats. We’re also happy to provide advice and assistance.

Protect Your Digital Life with Confidence

Staying safe online doesn’t have to be complicated — and you don’t have to figure it out alone.

At MacTech Solutions, we’re passionate about helping you protect your digital life.

Whether you need help securing your Mac, your iPhone, or your online accounts, we’re here for you.

Stop by MacTech Solutions in Finishing Touch Plaza in Wichita Falls — and let’s make sure your digital world stays safe, private, and protected.

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/andreusK)

The post Protect Your Digital Life: Quick Privacy and Security Tips You Can Use Now first appeared on MacTech Solutions.

What about a safe? Would storing one or more backup drives in a safe provide adequate protection? Possibly, but the details are critical. Some safes are designed solely to guard against theft, focusing on preventing thieves from opening the door. However, paper ignites at 451ºF (it chars around 387ºF), and most house fires reach temperatures between 800ºF and 1200ºF, so you may think that all you need to do is look for a “fireproof” safe. That’s a good start, but paper is actually much more resilient than magnetic and optical media.

Fireproof safes come with ratings that indicate the internal temperature they can maintain, with the most common being:

• Class 350: Safes maintain an internal temperature of 350ºF, suitable only for paper.
• Class 150: Safes keep the interior below 150ºF, which should protect magnetic media.
• Class 125: Safes maintain temperatures under 125ºF, appropriate for optical media.

It is also important to determine how long the safe can maintain that temperature. Generally speaking, a fireproof safe is rated for 1 or 2 hours, indicating it can maintain the specified internal temperature for at least that duration. Time ratings represent minimums, not maximums, so the actual protection time may be longer.

In most cases, the protection time is likely to be longer. That’s because safes are tested in furnaces at temperatures that can be two to three times hotter than the average house fire. For example, Underwriters Laboratory (one of several independent testing labs) conducts tests at 1700ºF or 1850ºF. Additionally, while a house fire may burn for several hours, the average fire will consume everything near the safe within 20 minutes and then move on.

Wildfires are a different story. In extreme conditions, wildfire temperatures can range from 1500ºF to 2200ºF, approaching or exceeding the testing conditions. Wildfires also last longer, so a safe in a destroyed building may remain in embers for hours or even days before it can be recovered.

While temperature over time is the main factor to consider when researching a fireproof safe, also look for two other variables being mentioned as well:

• Water resistance: Where there’s fire, there’s usually water. Thousands of gallons of water, some of which will undoubtedly affect the safe. Not all fireproof safes are waterproof, so verify whether a specific safe can withstand being doused by firefighters.
• Impact protection: If the floor collapses, a safe on an upper story could fall a considerable distance. If you are considering such a location, ensure the safe can withstand the impact. To simulate realistic fire conditions, the test may involve withstanding a 30-foot drop onto a concrete floor, followed by reheating.

Finally, remember that if your safe is in a fire, the heat will cause its insulation to swell up, rendering the lock useless, regardless of its type. Typically, you will need to hire a locksmith to access the safe using instructions from the manufacturer.

If you’re going to trust your data to a fireproof safe, do your research to ensure that whatever you buy will meet your needs for fire, water, and impact protection. It won’t be cheap—depending on the size and other factors, a good fireproof safe can cost many hundreds or even thousands of dollars. However, this is one area where you definitely shouldn’t cut corners.

(Featured image based on originals by iStock.com/phive2015 and Hanna Plonsak)

The post When Purchasing a Fireproof Safe, Pay Attention to the Details first appeared on MacTech Solutions.

While email service providers excel at their primary functions of sending, receiving, and storing emails, they prioritize availability and uptime over backup and recovery. Depending solely on their built-in protection systems can leave organizations vulnerable to data loss. Although it’s exceedingly rare for email service providers to lose data due to system failures—all modern email systems are distributed and replicated in virtualized storage—they cannot safeguard against every risk. Here are some scenarios we’ve encountered where a separate email backup solution was useful:

• Recover from human error: This is the big one. People often accidentally delete important messages or clean out old messages too aggressively, inadvertently including critical conversations in a mass deletion. Backups ensure that these messages can be retrieved.
• Ease employee turnover: When employees leave, it’s essential to deactivate their email accounts for security reasons. However, information in their accounts may be vital for ongoing projects or legal purposes. Backups preserve this data for future access.
• Mitigate cyber threats: Phishing attacks are commonplace today. If an employee falls victim to one, their email account could be compromised and data lost. Worse still, the attacker could install malware—even ransomware, though that’s not a significant real-world concern for Apple-only installations—that could result in email data loss. While training employees to recognize and avoid phishing attacks is crucial, backups provide an essential safety net for anyone who makes a mistake.
• Facilitate data migration and archiving: Organizations often need to migrate email data from one system or user to another. While it’s rarely necessary or desirable to migrate everything—all the mail from the past year may be sufficient—it can be helpful to maintain archival access to historical communications.

In fact, both Google and Microsoft explicitly state that they store data for only a limited time and recommend employing a backup service. (The specifics may differ, but generally, you can retrieve a deleted email within 30 days, after which it may be recoverable for an additional 14 or 30 days.) Numerous companies provide email backup services, many of which are quite similar. The list below highlights some of the most common services, but we encourage you to reach out for recommendations based on your email service provider and organization size.

• CloudAlly offers unlimited data retention and extends its backup capabilities beyond email to encompass platforms such as Box, Dropbox, and Salesforce.
• CubeBackup focuses exclusively on Google Workspace and Microsoft 365. It provides a cost-effective solution by allowing users to utilize their own local or remote storage.
• Backupify and Datto SaaS Protection are from the same company and offer the same backup capabilities, but they serve different market segments. Datto further enhances its branded services with a range of business continuity and data protection tools.
• Dropsuite provides unlimited storage and also supports QuickBooks Online backup. It features a flexible backup cadence, with email backups up to 12 times per day.
• MSP360 Managed Backup is a feature-rich solution that, while more complex and potentially more expensive than those from competitors, offers extensive customization and supports a wide range of storage providers.
• Spanning goes beyond Google Workspace and Microsoft 365 with Salesforce backups. It offers highly granular restores, enabling the recovery of individual emails. Its FLEXspend feature simplifies backup expenditures when transitioning between platforms.
• SpinBackup offers disaster recovery services at an affordable price point, and its developer, Spin.ai, provides a wide range of security solutions beyond backup, including data leak and ransomware protection.
• Synology Active Backup includes free add-ons for Google Workspace and Microsoft 365 that back up cloud data to a Synology NAS. It’s an excellent solution for avoiding ongoing expenses.

As important as an email backup solution is for protecting against data loss, we urge you to proceed carefully when selecting one. If you end up with data that exists solely in a particular solution, legal retention requirements or the inability to export data in a non-proprietary format may lock you into paying for it indefinitely. Ideally, keep all data live so you can transition to a different solution to meet changing needs. Again, please contact us for help picking the most appropriate solution for your needs.

Protect Your Email — and Meet Compliance Requirements

Whether you’re managing a business, a professional office, or your personal communications, dedicated email backup and archiving are critical for protecting important information — and in some cases, meeting legal or regulatory compliance.

At MacTech Solutions, we can help you choose the right backup solution, set up compliant email archiving, or both — depending on your needs.

Stop by our store in Finishing Touch Plaza here in Wichita Falls, give us a call, or visit our website to schedule an appointment — although appointments are never required.

We’re your trusted local experts — ready to help you safeguard your email and your peace of mind.

(Featured image by iStock.com/Rasi Bhadramani)

The post Businesses, Don’t Overlook Email Backup first appeared on MacTech Solutions.

Website owners are the target of this scam email, which purports to come from a lawyer. The message states that an image on your site has been used without permission. Such a claim is all too believable for many, especially those who may not have been as careful about usage permissions in the distant past as they are today. The message includes a link to the image, a link to the purportedly infringing page, and a threat to initiate legal action if certain actions aren’t taken within five business days

Unusually, the email doesn’t ask you to take down the infringing image or pay a retroactive licensing fee. Instead, it says you must credit the image’s copyright holder and include a link. Such a simple request seems like a huge win—instead of paying a licensing fee or worrying about being sued, you can twiddle a little HTML and move on with your life.

Don’t do it! This is what’s called a “link insertion scam.” It exploits the search engine optimization principle that links on reputable sites provide legitimacy to linked sites, helping them move up in the search rankings. Unfortunately, the reverse is also true; linking to a scammer from your website will cause Google and other search engines to penalize your site in the search rankings.

Unfortunately, these copyright infringement scams look legitimate at first glance, as you can see in this example. The From and Subject lines don’t seem forged or malformed, and there are no obvious grammatical errors or indications that the writer doesn’t speak fluent English. And when you click the link in the signature, you end up at what appears to be the website of a real law firm. What should you do if you receive a message like this?

First, don’t panic. Just because the message looks legitimate doesn’t mean it comes from a real lawyer. Also, don’t call your lawyer unless they’re willing to work for free. You can save stress, time, and money by evaluating the message yourself.

A few details in the message suggest that it’s not real:

• The domain in the From line’s email address—elitejusticeadvisors.biz—sounds sketchy and doesn’t match the company name.
• The Subject line of “DMCA Copyright Infringement Notice” sounds official, but those familiar with the DMCA will know that it can be used only for a formal notice-and-takedown process, not to make demands for attribution or payment. But most people won’t know that.
• The message is addressed to the generic “Dear owner of,” whereas legitimate messages from a lawyer would be addressed to a specific entity.
• The required link URL points to a telecom news site in Sri Lanka, and it’s odd that an Arizona lawyer would be working for such a client.
• The example of the purportedly infringing image is hosted at Imgur, a consumer image-hosting site known for funny pet pictures and cringeworthy GIFs. Legal firms would always use some sort of case management site.

Those details may feel wrong, but they’re insufficient to prove it’s a scam. You’ll need to dig deeper. Here are some ways you can do that:

• Investigate the domain: Do a Web search on the domain in question: elitejusticeadvisors.biz. Because others have written about this scam, articles identifying it as a scam will appear on the first page of the results.
• Search for the lawyer and firm: The lawyer’s name is too generic to yield revealing results, but if you do a Web search on “Dean Parker Commonwealth Legal Services,” you’ll once again see that others have identified it as a scam.
• Check a state bar association directory: Most state bar associations or state courts have a searchable directory of licensed legal professionals. A quick search of the State Bar of Arizona’s member directory reveals that no “Dean Parker” is licensed in Arizona.
• See if the headshot matches a real person: If the website provides a headshot, you can copy the image (Control-click it and choose Copy Image) and paste it into the TinEye reverse image search engine. Since all the results say “generated.photos,” it’s a good bet that the image was AI-generated.
  
• Search for the company’s full name and address: As with the name of the lawyer, the generic-sounding name of the law firm will probably match other companies. However, if you search for the full name and address, you’ll likely turn up articles about it being fake.
• Visit the address virtually: With Apple Maps and Google Maps, you can verify that a business is present at a location (or not) and often view the offices using Google Street View. Both mapping tools show no law firm at the provided address. Additionally, the building does not have a fourth floor, as specified in the address.
  
• Ask ChatGPT: Now that ChatGPT has access to current Web information, it’s worth pasting the complete contents of the message into a ChatGPT conversation and asking it to tell you about the message. Start generally, but then ask if it thinks the message might be a scam, and if so, to suggest ways you could verify your suspicions.

Some of the above search suggestions identify the scam only because the scammer has reused the same company name, lawyer name, physical address, and website. If you were the first to be targeted by a new scam, the state bar association search and physical address check would be the most likely to expose it.

Let us leave you with an important caveat. You shouldn’t assume that all copyright infringement messages are scams. A legitimate DMCA takedown notice will ask you to remove the content, and a real copyright infringement message—probably from a company that specializes in such matters rather than a lawyer—will likely demand payment. In both cases, take down the offending image right away. If you really were using an image without permission, some payment may be required, and if the amount feels excessive, contact a lawyer specializing in copyright infringement cases. They may be able to negotiate a lower payment or point out issues that will make the claim go away.

(Featured image based on an original by iStock.com/Olivier Le Moal)

The post Website Owners: Identifying Copyright Infringement Link Insertion Scams first appeared on MacTech Solutions.

Without a systematic offboarding protocol, organizations face significant risks related to data security, device mismanagement, operational disruptions, and compliance violations. In a particularly troubling example, a fired employee allegedly hacked Disney World’s menu creation system, changing prices, adding profanity, and—most problematically—adjusting allergen information in ways that could have caused someone allergic to peanuts to order food that contained them.

Obviously, offboarding has various administrative aspects. We’ll focus on those associated with technical infrastructure, but it’s also important to consider how you’ll communicate internally about the departure and any human resources and legal matters.

Our overarching advice regarding offboarding is to establish a formal protocol so everyone knows what’s involved. That’s particularly important for departures that happen with little notice. When building your offboarding plan, consider these three parts of the process: revoking access, retrieving devices, and preserving the organization’s data.

Revoke Digital Access

When offboarding an employee, the most important thing to consider is how you’ll revoke their digital access to organizational resources such as email, a shared password manager, and core service accounts. For those who are retiring or staying to train their replacement, access revocation can proceed gradually on a schedule. This approach provides sufficient time to transition ongoing projects and communications.

However, in most cases, it’s safest to revoke access immediately, especially when an employee has been terminated involuntarily due to layoffs, performance problems, or misconduct, or when dealing with employees in high-security roles, such as IT administrators, members of the legal team, or high-ranking executives. Even if their departure isn’t contentious, the risk of data leakage is too high.

Revoking access is significantly easier if you’re using Apple Business Manager and an MDM platform. Because Apple Business Manager lets you use federated Apple Accounts, it’s simple to revoke access to iCloud and other Apple services. Plus, because Apple Business Manager makes it possible to separate personal Apple Accounts and their associated data, employees can move their personal data off an organization’s device more easily.

MDM—mobile device management—is even more important because it enables administrators to revoke access to organization-managed email accounts, VPNs, Wi-Fi networks, and cloud services. If a device isn’t returned, an MDM platform can remotely lock, wipe, or reset it. For BYOD scenarios (Bring Your Own Device, where employees use their own devices rather than organization-owned ones), a properly configured MDM allows the removal of organizational data and profiles without affecting personal data.

Using an identity provider like Google Workspace, Microsoft Entra ID, or Okta with a single sign-on system makes revoking access even more straightforward. These services tie access to an organization’s apps, resources, and devices to a single login, so deactivating a departing employee’s account in the identity provider instantly cuts off access to all connected systems. Otherwise, you’ll find yourself doing the dance of deactivating Google, then Adobe, then Slack, and so on. It’s tedious and potentially error-prone.

Finally, the combination of an MDM system with single sign-on can also help monitor employee behavior during the offboarding period for unusual activities. You’ll want to know if a terminated employee logs in to a confidential database that they have no reason to access immediately after receiving notice.

Retrieve Organization Devices

Another key aspect of your offboarding plan should revolve around retrieving organization-owned devices. Even if you can use MDM to revoke access, you need to get your devices back so they can be given to other employees or held in reserve as backups. Apple Business Manager helps here, too, since it tracks all registered devices owned by the organization and can reassign devices to new users.

The real win of Apple Business Manager in this regard is that it lets you turn off Activation Lock on all supervised devices, whether it was turned on using a federated Apple or personal Apple Account. Without Apple Business Manager, you may have to work with the employee to regain access to the device. If that’s not possible, Apple support may be able to help unlock the device if you can provide proof of purchase and ownership.

To ensure you don’t end up in such an awkward situation, follow these best practices when using Apple Business Manager:

• Make sure to purchase Apple devices through Apple Business Manager-compatible channels.
• Use Automated Device Enrollment to ensure that devices are supervised and managed by MDM out of the box.
• Rely on federated Apple IDs to ensure the organization retains control over organizational content within Managed Apple Accounts.

Preserve Organization Data and Communications

Finally, think about what the departing employee was doing. You’ll want to transfer or archive everything they worked on, including their organizational email account. In most cases, someone else will have to take over their responsibilities and may need access to emails, files, contacts, and more.

An identity provider can help by transferring ownership of cloud-based files and other data stored in Google Workspace or Microsoft 365. Without one, you’ll have to review all their online files and reassign ownership manually.

Email requires additional thought. You’ll probably want to forward the departing employee’s email to whoever is taking over. If that’s not feasible, set up an auto-reply explaining that the employee is no longer available and providing alternative contacts. In that case, it’s also worth scanning the incoming email periodically to ensure essential communications aren’t being missed.

Next Steps

If you don’t have a formal offboarding policy, we recommend developing one soon to ensure that you aren’t at risk for data security, device mismanagement, or operational disruptions. It’s one of those tasks that are easy to put off until it’s too late, at which point you have to scramble. You can find offboarding policy templates and other resources online, and we’re happy to discuss the tech-specific aspects when you’re ready.

Of course, if you’re not already using Apple Business Manager and an MDM solution, getting started with them is even more important to implement right away. Contact us to discuss what’s involved.

MacTech Solutions is here to serve all your B2B technology needs.  Call us today to schedule a one-on-one meeting to assess your companies needs.  940-767-MACS (6227) or contact us here

(Featured image by iStock.com/yacobchuk)

The post The Importance of Properly Offboarding Employees first appeared on MacTech Solutions.

Give us a call today!  940-767-MACS (6227)

MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls

Open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/Moostocker)

The post Watch Out for PayPal Invoice Phishing Scams first appeared on MacTech Solutions.

Much of this is possible because people use apps that reveal their location to data brokers, who package the information and resell it to companies like Babel Street. Apple does have an advantage here—Atlas estimated they could locate roughly 80% of Android phones but only 25% of iPhones. That’s due to Apple’s App Tracking Transparency feature, introduced in iOS 14.5, which requires apps to get permission from users before tracking them for third-party advertising purposes. Unfortunately, many people unthinkingly grant such permissions, and location and identification data can also leak out in other ways.

Although it’s difficult to avoid being tracked by data brokers entirely, you can drastically reduce the likelihood and frequency of tracking, which helps ensure that any location information that does become available isn’t sufficient to identify you personally. Your employer may also consider your location to be sensitive information and want you to restrict it to the extent possible. To achieve this, you’ll need to adjust settings in several parts of Settings > Privacy & Security on your iPhone (and iPad, if you regularly use it in multiple locations).

Turn Off Allow Apps to Request to Track

You’ll find the most important setting in Settings > Privacy & Security > Tracking. At the top of the screen is a switch labeled Allow Apps to Request to Track. Make sure that is off! If it has been on in the past, apps that have requested permission will appear below.

By preventing apps from even asking if they can track you, you keep them from sharing a unique identifier associated with your iPhone with other apps and websites. Otherwise, advertisers can follow you from app to app and website to website, gathering information about you—often including your physical location—as you go about your life.

Don’t let apps persuade you to turn this setting on or allow them to track you. Apple’s rules explicitly forbid them from reducing functionality to those who refuse to allow tracking.

Allow Location Access Only for Apps That Need It

While you can turn off Allow Apps to Request to Track with a single switch, preventing apps from seeing your location requires more targeted work. Although Settings > Privacy & Security > Location Services has a big Location Services switch, turning that off will drastically reduce the utility of your iPhone. You won’t be able to get directions from Maps, tag photos with their location, share your location with family members, and much more.

Instead, for each app in the list, determine what level of location access you want to grant based on its function and description of why it needs access. Grant the minimal level of access necessary, which varies by app. Navigation apps need location access to work at all. Camera apps need it to geotag photos. Weather apps use it to provide custom weather reports and extreme weather notifications. But do you want to give a social media app access to your location at all times?

Apple provides five location access levels:

• Never: Choose Never for any app with questionable explanations of why location access is requested.
• Ask Next Time or When I Share: If you’re unsure if you want to allow or deny location access for an app, select this option. The app will prompt you the next time it wants your location, enabling you to make an informed decision based on your actions.
• While Using the App: For most apps you want to allow to see your location, choose While Using the App. It’s entirely reasonable that a location-requiring app be allowed to determine your location while you’re using it.
• While Using the App or Widgets: This option only appears for apps with widgets; choose it only if you use a widget that needs location access.
• Always: Grant Always access only to apps that generate location-related notifications when the app is not open. The most common example is a weather app that provides notifications of incoming storms.

The Precise Location option becomes available if you allow location access for an app. Turn it on only if the app needs to know your location within 15 to 200 feet (5 to 60 meters). An Uber or Lyft driver will need to know where to pick you up, for instance, so those apps should have Precise Location turned on, as should navigation and camera apps. For most others, turn off Precise Location. Your approximate location—a variable radius between 2.5 to 12 miles (4 and 20 kilometers)—is usually sufficient to locate you in the right part of the world.

Block Bluetooth and Local Network Access for Apps That Don’t Need It

Apps can use Bluetooth to infer your general location through interactions with other Bluetooth devices and movement patterns, so Apple requires apps to ask to use Bluetooth. As a result, just as with location, you should go through the apps listed in Settings > Privacy & Security > Bluetooth and revoke permission from any that don’t seem as though they should need it. Most will be legitimate—an app designed to communicate with a Bluetooth-connected device, for instance. Any app that needs access to Bluetooth and doesn’t have it should prompt you when you next open it.

Similarly, Apple now requires apps to request permission to use your local network. For the most part, these requests are reasonable—apps may need to discover network-connected devices like routers, printers, speakers, smart home gadgets, and more. Or games may need to discover other players on the network. However, because your network can reveal information about your location, it’s best to revoke access for any apps that don’t seem as though they should need it. There’s no harm in doing so; they’ll ask again if they need access.

Ultimately, all we can do is stay vigilant about what we’re allowing on our devices, encourage Apple to add even more privacy protections, and lobby our elected representatives for legal protection. It’s unconscionable that private companies can gather extensive location data on hundreds of millions of citizens.

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/Chayada Jeeratheepatanont)

The post Perturbed by Location Tracking Revelations? Here’s How to Protect Yourself first appeared on MacTech Solutions.

For more information on all the great Apple products, features, and services, or for more information on cybersecurity, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/Thapana Onphalai)

Social Media: Scams are starting to incorporate personal information stolen in data breaches, so you may get “sextortion” threats that purport to know your phone number, address, and more.

The post Beware Fake “Sextortion” Scams first appeared on MacTech Solutions.

Starting in macOS 15 Sequoia, iOS 18, iPadOS 18, and visionOS 2, Passwords is now a real app rather than being trapped inside Safari, System Settings, and Settings. If you have resisted using a password manager or don’t wish to continue subscribing to an alternative, give Apple’s Passwords a try. It makes creating, maintaining, and entering passwords faster, easier, and more secure than doing it by hand. Those already using a password manager can export their accounts and import into Passwords.

What You’ll Find in Passwords

We’ll focus on the Mac version here, but the other versions are nearly identical apart from their screen sizes.

The left-hand sidebar, reminiscent of Reminders, provides categories of accounts:

• All: Select All to see all your accounts, regardless of what shared group they may be in.
• Passkeys: If you have any passkeys for large websites like Apple, Google, and others, they’ll appear here.
• Codes: Passwords can create, store, and enter two-factor authentication codes for sites that support them. If you need to look one up manually because Passwords couldn’t autofill it, you’ll find the associated account here.
• Wi-Fi: This category contains stored passwords for all the known Wi-Fi networks on your device. Because known Wi-Fi networks aren’t synced between devices, the number of these will vary between your devices.
• Security: If you have any accounts with weak passwords, accounts you previously shared and stopped sharing, or accounts whose passwords were leaked in a security breach, they’ll appear here. Edit these accounts and click the Change Password button to start the process; when the password changes, they’ll disappear from this category.
• Deleted: Any accounts you delete stay here for 30 days before being deleted for good. You can delete any of these accounts immediately or restore them to their previous group.
• Shared Groups: If you use Family Sharing, you automatically get a Family Passwords group to simplify sharing important accounts with your family members. But you can also share accounts with other groups of Apple device owners. To move an account to a group, choose it from the Group pop-up menu.

The middle pane lists the accounts in the selected category. You can sort the list using the menu with vertical arrows, search for a specific account, and manually add a new one with the + button. Otherwise, scroll through the list and click an account to view it in the right-hand pane.

At the top of the right-hand pane is an AirDrop button and an Edit button. Click AirDrop to share an account with someone nearby or Edit to make changes or set up a two-factor verification code. If you want to copy information, click the User Name, Password, Verification Code, or Website item to get a Copy menu. The password becomes visible when you mouse over it. Clicking Website also offers an Open Website option and lets you add more sites where the password should autofill.

Setup Requirements

Most people shouldn’t need to do anything to start using Passwords. However, if you have trouble, check the following items:

• Turn on Password AutoFill: If your device isn’t entering passwords for you, turn on AutoFill Passwords and Passkeys in Settings/System Settings > General > AutoFill & Passwords. Also, ensure that Passwords is enabled in the AutoFill From section if multiple password managers are installed.
• Turn on iCloud Keychain: If you want your passwords to sync securely among your devices, which makes life a lot easier, go to Settings/System Settings > Your Name > iCloud > Passwords and turn on Sync This Device.
• Set up iCloud Passwords for other browsers: Apart from Safari, Chromium-based Web browsers (Arc, Brave, Google Chrome, Microsoft Edge, etc.) can access and autofill your saved passwords if you install Apple’s iCloud Passwords Chrome extension. (There’s also now an iCloud Passwords add-on for Firefox.) The overall experience is not as seamless as in Safari, requiring a once-per-launch code, and you have to create new accounts in Safari or manually in Passwords, but it works.
  
• Configure settings: Choose Passwords > Settings (or look in Settings > Apps > Passwords for iOS 18 and iPadOS 18) to access options. Generally speaking, it’s fine to keep them all turned on.
  

If you have additional questions, check Apple’s documentation for detailed instructions for all the platforms on which Passwords runs. But realistically, Passwords is easy to use, and although the app itself is new, the underlying password management features and syncing have been in place for years, so they’re stable and reliable  

For more information on all the great Apple products, features, and services, give us a call!  940-767-MACS (6227).  Or stop by MacTech Solutions, 4020 Rhea Rd, Suite 3B, Wichita Falls.  We’re open Monday thru Friday, 10am to 6pm

(Featured image by iStock.com/designer491)

The post Passwords Becomes a Real App in macOS 15 Sequoia, iOS 18, and iPadOS 18 first appeared on MacTech Solutions.

(Featured image based on an original by iStock.com/Armastas)

Social Media: Don’t forget about local security on your Mac. Make sure to require a password shortly after the screen saver starts or the display sleeps to prevent people from riffling 

The post Set macOS to Require a Password after Screen Saver Start or Display Sleep first appeared on MacTech Solutions.