Pareto Security - Quick and Easy
Mac Apps
I recently noticed an app on Setapp that I'd never tried, Pareto
Security, so I investigated it. It's a basic application that checks the
settings on your Mac and quickly shows you where you aren't following
the best recommended practices from security experts. It has links to
tutorials for every setting along with an explanation of why that
setting is recommended. Although it is geared towards less technically
advanced users, anyone can benefit from a quick scan.
Experienced Mac users are going to be familiar with these best practices and will probably have legitimate reasons for any deviation from the suggested settings. Still, it convinced me to change my settings in a few areas:
- I use a third-party firewall app, but I have now also turned on Apple's firewall.
- I also turned on firewall stealth mode.
- I turned off native file sharing because I use other ways of sharing files on my network.
- I finally decided, for the first time ever, to try operating my Mac as a standard, rather than an admin user. I use an app called Privileges to convert to an admin account for short periods when I need to; otherwise I just enter the username and password of an inactive admin account, which every person should definitely set up.
- I'd delayed turning on FileVault, and this convinced me to finally flip the switch. I have no excuse for waiting so long.
Pareto Security checks the settings in the following areas:
- Access security - Makes sure all important areas of your Mac are password protected and that your SSH settings are optimized for security
- Application Updates - Checks your browsers, security apps (e.g., firewall apps like Lulu), alternative terminal and secure messaging apps (e.g., Signal)
- Firewall and Sharing - Checks AirDrop, AirPlay, Firewall and all sharing settings
- macOS Updates - It gigs you if you don't have automatic updates turned on, so take these suggestions with a grain of salt.
- System Integrity - Checks your boot settings, FileVault, Gatekeeper, Terminal secure entry, Time Machine settings, and Wi-Fi connection
If you don't have Setapp, you can download a free trial of the app from Pareto and run the checks. I don't see any reason why a personal user would want to run this app continuously, but in a managed setting, it is one good way to make sure your users are following the best security settings if you are not managing them through Jamf or something similar.
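Four of the settings mentioned above (FileVault, Gatekeeper, the firewall and stealth mode) can also be read from Terminal with tools that ship with macOS. The script below is an added example, not part of Pareto Security or the original post. The function names are made up for illustration, the sample outputs used when it runs off macOS are constructed, and the matched wording of each tool's output is an assumption that can differ between macOS versions.

```shell
#!/bin/sh
# Added example: audit FileVault, Gatekeeper, firewall and stealth mode.

# verdict CHECK OUTPUT -> prints PASS, FAIL or UNKNOWN for one tool's output.
# The matched phrases are assumptions about the tools' wording.
verdict() {
  case "$1:$2" in
    filevault:*"FileVault is On"*)           echo PASS ;;
    filevault:*"FileVault is Off"*)          echo FAIL ;;
    gatekeeper:*"assessments enabled"*)      echo PASS ;;
    gatekeeper:*"assessments disabled"*)     echo FAIL ;;
    firewall:*"State = 0"*)                  echo FAIL ;;
    firewall:*"State = "[12]*)               echo PASS ;;
    stealth:*"disabled"*|stealth:*"is off"*) echo FAIL ;;
    stealth:*"enabled"*|stealth:*"is on"*)   echo PASS ;;
    *)                                       echo UNKNOWN ;;
  esac
}

# probe CHECK -> raw tool output on macOS; constructed sample text elsewhere.
probe() {
  if [ "$(uname -s)" = "Darwin" ]; then
    fw=/usr/libexec/ApplicationFirewall/socketfilterfw
    case "$1" in
      filevault)  fdesetup status 2>&1 ;;
      gatekeeper) spctl --status 2>&1 ;;
      firewall)   "$fw" --getglobalstate 2>&1 ;;
      stealth)    "$fw" --getstealthmode 2>&1 ;;
    esac
  else
    case "$1" in  # constructed samples so the script runs anywhere
      filevault)  echo "FileVault is Off." ;;
      gatekeeper) echo "assessments enabled" ;;
      firewall)   echo "Firewall is enabled. (State = 1)" ;;
      stealth)    echo "Stealth mode disabled" ;;
    esac
  fi
}

# audit -> prints one line per check; exit status is the number not passing.
audit() {
  failed=0
  for c in filevault gatekeeper firewall stealth; do
    v=$(verdict "$c" "$(probe "$c")")
    printf '%-10s %s\n' "$c" "$v"
    [ "$v" = PASS ] || failed=$((failed + 1))
  done
  return "$failed"
}

audit || echo "$? setting(s) need attention"
```

An UNKNOWN result means the tool's output did not match any expected phrase, so read that setting by hand rather than treating it as a pass.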