European Union Flag
European Apple Users Information & Support
LOGIN
RSS Feed Icon
via fetchrss.com The next event is:
Apple WWDC23

From 5 June 2023
to 9 June 2023
More events…

macOS 13 Ventura
FREE
 Amazon UK Mac Software Affiliate Link

Mac Security Article #4 - Securing Data

Article ID = 84
Article Title = Mac Security Article #4 - Securing Data
Article Author(s) = Graham Needham (BH)
Article Created On = 22nd May 2012
Article Last Updated = 14th February 2017
Article URL = https://www.macstrategy.com/article.php?84

Article Brief Description:
How to secure your data using macOS

Securing Data

This article has the following sections:
  1. Creating A Secure Disk Image
  2. Securing Hard Disks/Storage Devices
  3. Apple's macOS / OS X / Mac OS X FileVault
  4. Third Party Encryption Solutions
  5. Encrypting (ZIP) Archives
  6. Encrypted Hardware
It is number four in a series of MacStrategy security articles.

Creating A Secure Disk Image

A secure disk image can be used to securely store documents and data on any storage device. It is commonly used for storing documents such as a simple password list. Follow the instructions below to create a secure disk image on your Mac.
  1. Go to Macintosh HD > Applications > Utilities > open Disk Utility.
  2. Go to File menu > New > Blank (Disk) Image.
    3. Mac Security - Creating A Secure Disk Image
  3. Enter a disk image file name for 'Save As' and choose where to save it on your computer. (Secure disk images can be saved to any storage device including USB sticks.)
  4. Enter a name for 'Name' (this is the name of the secure disk image as it will appear on the desktop icon when mounted - it can be different to the "file name").
  5. Choose the size of the image by clicking the 'Size' pop-up menu. Make sure the size of the image is large enough for your needs as you cannot increase the size of an image after creating it. You will be creating a "sparse bundle" image which only takes up as much space as there is data in it so choosing a large file size is okay.
  6. Choose a format by clicking the 'Format' pop-up menu (we recommend the "Mac OS Extended (Journaled)" option).
  7. Choose an encryption method by clicking the 'Encryption' pop-up menu (we recommend the "256-bit AES encryption" option available in Mac OS X 10.5 or later).
  8. Choose a partition by clicking the 'Partition' pop-up menu (we recommend the "Hard disk" option).
  9. Choose an image format by clicking the 'Image Format' pop-up menu (we recommend the "sparse bundle disk image" option).
  10. Click the "Create" button.
  11. Enter a password and verify it. (You can access the Password Assistant from this window by clicking the 'key' icon).
    12. Mac Security - Opening A Secure Disk Image
  12. Deselect/untick "Remember password in my Keychain" and click the "OK" button.
  13. Your disk image will be created and mounted on the Desktop.
  14. When you have finished using the disk image unmount it by ejecting it/dragging its desktop (mounted) icon to the Trash (do not drag the actual disk image file to the Trash).
  15. The disk image is now secure as it can only be opened by double clicking on it and entering the correct password.
NOTE: When you open the disk image make sure you deselect/untick the "Remember password in my Keychain" option otherwise the password will be stored in your Keychain and it will defeat most of the purpose of creating and using a password protected secure disk image in the first place!

Securing Hard Disks/Storage Devices

macOS / OS X / Mac OS X includes a couple of technologies for securing hard disks/storage devices. Apple's macOS / OS X / Mac OS X FileVault encrypts entire home folders/disks. OS X 10.7 Lion supports encrypting additional storage devices. OS X 10.8 or later supports encrypting Time Machine backups. To encrypt a Time Machine backup tick the "Encrypt Backup Disk" option when setting a Time Machine drive (OS X 10.8 or later): Mac Security - Encrypting Time Machine Backups To encrypt a hard disk/storage device with a password (OS X 10.7 or later):
NOTE: This process will erase your selected volume / storage device and wipe all data from it.
  1. Go to Macintosh HD > Applications > Utilities > open Disk Utility.
  2. Connect the hard disk/storage device to your computer.
  3. On the left in the Disk Utility window select the hard disk/storage device you wish to encrypt.
  4. Click the "Erase" tab.
  5. Select "Mac OS Extended (Journaled, Encrypted)" from the 'Format' pop-up menu.
  6. Type a name for the hard disk/storage device.
  7. Click the "Erase" button in the bottom right.
  8. Enter a secure password when prompted.
To encrypt a hard disk/storage device with a password from the Finder/Desktop (OS X 10.8 or later):
  1. Connect the hard disk/storage device to your computer.
  2. Locate the hard disk/storage device's icon on your Desktop (if it's not visible make sure "Hard disks" and "External disks" are ticked in Finder menu > Preferences > General tab).
  3. Right/control click on the hard disk/storage device's icon.
  4. Select "Encrypt" from the contextual menu.
  5. Enter a secure password and hint when prompted.
  6. Click the "Encrypt Disk" button.

Apple's macOS / OS X / Mac OS X FileVault

Apple's included FileVault technology allows you to encrypt data on your Mac's hard disk. FileVault v1 (Mac OS X 10.3 to 10.6) can encrypt entire home folders whereas FileVault v2 (OS X 10.7 or later) can encrypt entire boot disks including external hard disks.

Third Party Encryption Solutions

NOTE: Some applications like those in Microsoft Office (Word, Excel, PowerPoint) and Adobe Acrobat allow you to secure documents using password protection. In general we do not recommend the use of such facilities as they are easily broken/hacked. Use a secure disk image or encrypted ZIP archives instead.
NOTE: Encryption solutions usually require specific operating system versions - it is possible for an official Apple macOS / OS X / Mac OS X update to break such solutions which means that you cannot update your OS until the solution is verified/updated to work with it - this could actually leave you less secure with an unpatched OS while you wait.
Third party encryption solutions:
  • IDRIX VeraCrypt
  • Jetico BestCrypt
  • GnuPG (Open Source)
  • Tao Effect Espionage for Mac
  • Symantec Encryption Solutions (use to be Pretty Good Privacy - PGP)
  • Truecrypt (Open Source)
    • NOTE: On 29/05/2014 the TrueCrypt web site contained a message that the development of TrueCrypt had ended and "Using TrueCrypt is not secure as it may contain unfixed security issues". A good write up about this and the future of TrueCrypt can be found here.

Encrypting (ZIP) Archives

The built-in OS X ZIP (compression) software does not support encrypted zip files. The following software does and is especially useful for sending encrypted email attachments:

Encrypted Hardware

Encrypted USB Sticks
Kingston DataTraveler
  • DataTraveler Vault Privacy
  • DataTraveler Vault Privacy Managed
  • DataTraveler 4000
  • DataTraveler 4000 Managed
  • DataTraveler 5000
  • DataTraveler 6000
iStorage DataShur
  • 4GB
  • 8GB
  • 16GB
Encrypted Portable Hard Disks
RocStor Rocsecure
  • RocSafe MX
  • Commander 2F3
  • Commander 2UE
  • Rocbit FXPW
  • Rocbit FXKT
  • Rocbit 2B
  • Rocbit 2U
LaCie Rugged Safe
  • 1TB hard disk
  • 250GB SSD
iStorage
  • diskAshur
  • diskAshur SSD
  • diskG aka diskGenie
  • diskG* SSD aka diskGenie SSD
Encrypted Desktop Hard Disks
RocStor Rocsecure
  • Commander 3UE
  • Rocbit 3A
  • Rocbit 3U
iStorage diskAshurDT
  • 1TB hard disk
  • 2TB hard disk
  • 3TB hard disk

Article Keywords: Mac OS X OSX 106 107 108 109 1010 1011 macOS 1012 1013 1014 1015 1100 1200 1300 Snow Leopard Lion Mountain Lion Mavericks Yosemite El Capitan Sierra High Sierra Mojave Catalina Big Sur Monterey Ventura Macintosh Security data encrypt encryption encrypting

This article is © MacStrategy » a trading name of Burning Helix. As an Amazon Associate, employees of MacStrategy's holding company (Burning Helix sro) may earn from qualifying purchases. Apple, the Apple logo, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.

If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.

Go to this
web page
to donate to us.