We have a user very concerned that his iMac has had its security breached. The particular user is a bit upset so it’s not easy to get clear information from him and he does give us inconsistent information and some which are red herrings from his own research.
We have taken some steps to secure his system such as changing his passwords, ensuring that remote access things like screen sharing and VNC are turned off. The user themselves has been clicking on various things in a panic to secure things and has for example used FileVault to encrypt the data.
From what we can see at present there are no signs of remote access and we are sure that we have now secured it by taking the obvious previsions such as those listed above..
But are there any other steps we should be taking to ensure the Mac is secure? Any input appreciated in advance. Want to ensure we are turning over every stone.