You might feel relatively safe using a Mac, but you’re still vulnerable to social engineering and other tricks that may allow malicious software to run.
That’s why Apple has built in some protections against unknown software running. The key one is Gatekeeper. Though its name isn’t written anywhere in System Preferences, naturally you’ll find its settings in the Security & Privacy pane.
Look in that pane’s General tab and under the heading ‘Allow apps downloaded from’ you’ll find two options that either allow apps to run only if they’re from the Mac App Store or if they have been signed by identified developers (known to Apple) and distributed outside the store.
Naturally, given this relates to system security, your choice applies to all users. Gatekeeper used to provide a third option, ‘Anywhere’, but this was a risky choice and best avoided in favour of overriding the feature for individual apps as needed.
Thankfully, this option being removed in Sierra isn’t a sign that Apple has withdrawn the ability to override Gatekeeper and restricted your choice of apps; it simply enforces that you must explicitly grant permission for an unsigned app to run.
If you try to open an app that doesn’t meet your chosen security level, macOS will flash up a dialog that tells you so. Should you avoid all such apps? Not necessarily, but you should exercise caution based on their source.
Plenty of useful apps are blocked by Gatekeeper because their code hasn’t been signed by a registered developer. One of the most popular is HandBrake, a free tool that converts many video formats for iOS and other devices.
Dealing with known malware
Gatekeeper is backed up by another security measure whereby macOS receives details from Apple about known malware and implicit threats and blocks their ability to run.
When it detects a threat, macOS warns that the file you’re trying to open will damage your Mac and offers to trash it. There’s a setting in the App Store pane in System Preferences that determines whether you receive updates that keep macOS’s knowledge of threats up to date.
Other threats include versions of plug-ins, such as Adobe Flash Player, in which critical vulnerabilities have been discovered. When Apple adds one of these to the list of known threats, your Mac will then block that version and you’ll need to download the latest one from its official source.
How to manage your Mac’s anti-malware features
1. Configure Gatekeeper
Go to System Preferences > Security & Privacy, click the padlock at the bottom left and then enter an admin username password so you can alter Gatekeeper’s settings.
In the General tab, make your choice from the two security levels.
2. Get security updates
If you like to manually download and install updates, you may have turned off the App Store’s automatic behaviours in System Prefernces.
Enable the system data files and security updates item so macOS receives info from Apple about threats.
3. Override Gatekeeper
To allow an app past Gatekeeper’s protection, Ctrl-click its icon in Finder and choose Open.
You will still be shown a cautionary warning, but it’ll include an option to open the app anyway. In future, you only have to double-click the app.