 |
Encryption is a security measure which converts data into a form that
becomes unreadable to those that are not authorized to access the data.
It is ideal to encrypt your files if your computer stores sensitive data,
is portable or is in a physically insecure location.
There are two applications you can use to encrypt data on Apple OS X:
Disk Utility and FileVault. The chart below outlines the
pro's and con's of using these applications:
|
Disk Utility |
FileVault |
Does it use the the Advanced Encryption Standard
with a 128-bit
key? |
Yes |
Yes |
Is the data password protected? |
Yes |
Yes |
What does it encrypt? When would you activate this
encryption? |
Only the files and directories you specify
are encrypted. You can encrypt the data anytime, either when you have an
existing file or directory you'd like protect or when you'd like to create
new disk image. |
Your entire home directory and all of
it's contents (movies, music, documents) are encrypted. You
should only activate this option immediately after you create a new user
account because encrypting large quantities of data at once is
time-consuming and risky. |
Is it good for encrypting large quantities
of data? |
No, it's best for smaller quantities that are
placed in a directory, up to about 500 MB. |
Yes, it's best for larger quantities that
you would store in your home directory. |
Is there any risk to my data? |
Yes, if you forget the password, all the
data in the encrypted directory is lost. |
Yes, if you forget the password, all the
data in your home directory (movies, music, documents). |
Will encrypting the data affect the
performance of my computer? |
No, only the encrypted files will be
affected. |
Yes, audio and video files stored in your
home directory will be affected. |
Disk Utility
Apple OS X 10.3 and higher includes an application, Disk
Utility,
that allows you to create encrypted, password-protected disk images.
Disk images are the preferred method of securing data. Creating disk
images avoids the risk associated with encrypting large quantities of
data that doesn't need securing.
Disk Utility is good for storing smaller quantities of sensitive
data or files. For information about creating these disk images, see
http://docs.info.apple.com/article.html?artnum=107333.
FileVault
Apple OS X also includes an encryption program, FileVault, that
can be used to quickly encrypt and decrypt your entire home directory on
your Mac OS X workstation. If your home directory is large, it will take
a very long time to encrypt your data, so it is not a good idea to use
FileVault on large pre-existing home directories. FileVault
is
best when used with a new account and home directory. As the new account
grows over time, the new files will be encrypted.
Caution:
-
The files are encrypted using your account's login name and
password.
If
you forget
your password, and have not set a master password, your data is
irretrievably lost.
Should you experience system or hardware
problems
with
your computer, encrypted data is very difficult, if not impossible to
recover. If you use the FileVault feature, you should frequently
backup your files.
Follow these steps to enable FileVault:
Double-click the System Preferences icon. System
Preferences in located
in the Applications folder on your hard drive.
The System Preferences window will open. Click once on the
Security icon.
The Security window will appear.
Click once on the Set Master Password... button. A window
will appear and allow you to set a new strong password. Type the password
once in the Master Password field and a second time in the
Verify field. Click OK. You may also
set a Hint. Do not forget this password. If you forget your login
password, you can use this password to decrypt and access the data.
Click once on the Turn On FileVault... button. You will be
prompted to
type your user account password (not the master password set in step 4
above) and click OK. FileVault will begin encrypting your
data. Depending on the size
of your home directory, this could take quite some time.
|
