Security Checks for macOS devices
These are the security checks that are run continuously by Pareto Desktop.
Access Security

| Check | Description | Required in frameworks |
|---|---|---|
| Automatic Login is off | Prevent unauthorized access. | CIS, ISO, NIST CSF, Essentials, SOC |
| No unused user accounts are present | Delete unnecessary accounts. | CIS, ISO, Essentials |
| Not using Administrator account | Limit Administrator account use. | CIS, Essentials |
| Password after inactivity | Prevent unauthorized access. | CIS, ISO, NIST CSF, Essentials, SOC |
| Password manager is installed | Manage passwords securely. | NIST CSF, Essentials, SOC |
| Password to unlock Preferences | Prevent unauthorized changes to your system. | |
| Screen Saver shows after 20 min | Prevent unauthorized access. | CIS, ISO, NIST CSF, SOC |
| SSH keys require a password | Secure your keys. | |
| SSH keys use strong encryption | Prevent or delay bruteforcing of the private key. | |

Firewall & Sharing

| Check | Description | Required in frameworks |
|---|---|---|
| AirDrop is secured | Disable unnecessary services when not in use. | CIS, Essentials |
| AirPlay receiver is off | Disable unnecessary services when not in use. | CIS, Essentials |
| File Sharing is off | Disable unnecessary services when not in use. | CIS, Essentials |
| Firewall is on and configured | Prevents contact from other computers on the internet or on your network. | CIS, ISO, Essentials, SOC |
| Internet Sharing is off | Disable unnecessary services when not in use. | CIS, Essentials |
| Media Sharing is off | Disable unnecessary services when not in use. | CIS, Essentials |
| Printer Sharing is off | Disable unnecessary or unused services. | CIS, Essentials |
| Remote Login is off | Disable unnecessary services when not in use. | CIS, Essentials |
| Remote Management is off | Disable unnecessary services when not in use. | CIS, Essentials |

macOS Updates

| Check | Description | Required in frameworks |
|---|---|---|
| App Store updates are automatic | Keep software updated. | CIS, ISO, NIST CSF, Essentials, SOC |
| Application updates | Keep important apps updated. | CIS, ISO, NIST CSF, Essentials, SOC |
| macOS updates | Keep macOS automatically updated. | CIS, ISO, NIST CSF, Essentials, SOC |
| Pareto Security updates | Keep Pareto Security updated. | |

System Integrity

| Check | Description | Required in frameworks |
|---|---|---|
| Boot is secure | Enable default Apple security configurations. | CIS, ISO, NIST CSF, Essentials, SOC |
| FileVault is on | Encrypt the data on your disk. | CIS, ISO, NIST CSF, SOC |
| Gatekeeper is on | Prevents running non-notarized apps. | CIS, ISO, NIST CSF, Essentials, SOC |
| Terminal apps use secure entry | Secure keyboard entry. | |
| Time Machine is on and encrypted | Securely back up your data. | CIS, ISO, NIST CSF, Essentials, SOC |
| WiFi connection is secure | Secure internet connection. | ISO |

Framework Legend
- CIS: CIS Critical Security Controls - Provides best practices for securing systems and data against cyber threats.
- ISO (ISO 27001): International Organization for Standardization - ISO 27001 outlines best practices for information security management systems.
- NIST CSF (NIST Cybersecurity Framework): National Institute of Standards and Technology Cybersecurity Framework - A voluntary framework for reducing cybersecurity risks.
- Essentials (Cyber Essentials): A UK government-backed framework for basic cybersecurity hygiene.
- SOC: System and Organization Controls - Security standards for managing and protecting sensitive data in business environments.