There’s an age-old belief in the tech world that Macs don’t get malware. At AnyTech Solutions we know that isn’t true – Mac security firms uncovered new threats specifically targeted at Macs in June 2019, and notable instances of Mac malware have been uncovered in the past. But is it true that Macs are less vulnerable than Windows PCs?

Macs have a lot of built-in features that can be powerful tools in the fight against malware. These features come with every Mac by default, so is there really a need to install third-party antivirus software on your computer?

The belief that Macs are fairly resilient to malware is somewhat true. Windows PCs make up roughly 90% of the market, making them a much more attractive target to malware makers.

And Macs really do have some stellar built-in tools that protect you right off the bat. All Apple apps are sandboxed, meaning they can only do what they’re meant to do, without being able to access critical system infrastructure and settings.

But there are gaps in the armor that protect Mac users’ systems. Apple’s layer of security relies on adding quarantine tags to suspicious or outright malicious software, and this then prompts the warning dialogue you see when you try to open them.

“The nature of sandboxing on MacOS actually restricts antivirus software.”

What about the new security features in MacOS Catalina, launched recently. Apple says apps will require your permission before accessing your documents, desktop files, iCloud Drive and external drives, plus it’s promising greater security thanks to a dedicated system volume for the operating system.

However, the top experts still don’t believe these go far enough. Gatekeeper still won’t perform a signature check on non-quarantined apps on launch, meaning a malicious actor could tamper with a legitimate app and it would still be permitted to run on MacOS.

“By default, for example, [an antivirus app] cannot get access to most of the files on the hard drive. Even if you grant access to the entire hard drive, many of those files cannot be removed by an App Store app. This means App Store antivirus is less likely to be able to detect all threats and is also less likely to be able to remove all threats.”

Relying purely on Apple’s systems isn’t enough. For example, while Gatekeeper can block apps that originate from third-party or untrusted developers, it can easily be bypassed by the user with a couple of clicks.

While Gatekeeper gives you plenty of warning that ignoring its checks is a bad idea, it still lets you do it with relative ease.

The obvious conclusion seems to be that you should install antivirus software on your Mac, we recommend and supply ESET along with free installation which we perform remotely. But as we noted above, there are some important caveats, and it’s certainly not the only precaution you should take.