Securing Your Mac: FileVault
After a few delays and setbacks, the first article in our Securing Your Mac series is good to go. Kicking things off, we’re going to look at Apple’s FileVault, which has been included in Mac OS X since Panther (10.3). FileVault is important for a couple of reasons: first, it encrypts your startup disk, and second, it keeps prying eyes away from the data on your Mac if it’s lost, stolen, or confiscated. According to Apple’s website, FileVault uses XTS-AES 128 encryption, which is recommended by NIST. The encryption algorithm is definitely top notch, so you’re in pretty good hands.
Using FileVault
To get started, head over to the System Preferences application on your Mac, select the “Security & Privacy” icon, click on the FileVault tab, then select the “Turn On FileVault” button. Because FileVault encrypts your entire disk, you can set up a recovery option in case you forget your login password. The available options are to store your FileVault key in iCloud, send it to Apple, or write it down so that no one else has it.
For the best security, I suggest writing down your recovery key. Your iCloud Keychain could be hacked or someone may be able to guess your security questions when sending your FileVault key off to Apple. After choosing a recovery key option, you’ll be prompted to restart your computer and log in with your password. Upon logging in, the real fun begins. Your Mac will begin to encrypt its startup disk, so be sure to leave it plugged into a power source as it could take a while.
Performance Issues and Concerns
A common concern amongst users switching to FileVault is whether it will cause performance issues. From personal experience, I’ve been using FileVault for a little over two months now and I’ve barely seen any performance hits. Granted, having a MacBook Pro Retina with an SSD could be why, so those who are using older Macs with a traditional hard drive may notice some slowness, but it won’t be a ton.
As with any encryption software, a general concern is backdoors that allow anyone access to your computer as long as they know the right steps to access the backdoor. Currently there are no known backdoors in FileVault; however, an extra step is to have your Mac destroy the FileVault keys while in standby mode. To do so, copy and paste the command below into Terminal (found under /Applications/Utilities).
sudo pmset -a destroyfvkeyonstandby 1
Even though this will cause wake times to be a bit longer, it’s an extra layer of security. The command is run with sudo because pmset only changes settings when run as root. To reverse the above action, simply paste the command below into Terminal.
sudo pmset -a destroyfvkeyonstandby 0
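To confirm that both settings took effect, the following read-only check (an added example, not part of the original article) parses the output of fdesetup status and pmset -g. The fdesetup tool is not mentioned in the article, and the sample outputs embedded for running off a Mac are constructed, with their format assumed.

```shell
#!/bin/sh
# Added example: read-only audit of the two settings discussed in the article.

# fv_enabled TEXT: succeeds if `fdesetup status` output reports FileVault on.
fv_enabled() {
    printf '%s\n' "$1" | grep -q '^FileVault is On'
}

# standby_key_value TEXT: prints the destroyfvkeyonstandby value found in
# `pmset -g` output (key matched case-insensitively), or "unset" if absent.
standby_key_value() {
    v=$(printf '%s\n' "$1" |
        awk 'tolower($1) == "destroyfvkeyonstandby" { print $2; exit }')
    printf '%s\n' "${v:-unset}"
}

# audit FDESETUP_TEXT PMSET_TEXT: prints one finding per check and
# returns 0 only when both checks pass.
audit() {
    rc=0
    if fv_enabled "$1"; then
        echo "PASS FileVault is on"
    else
        echo "FAIL FileVault is not on"; rc=1
    fi
    case "$(standby_key_value "$2")" in
        1) echo "PASS FileVault key is destroyed on standby" ;;
        *) echo "FAIL destroyfvkeyonstandby is not set to 1"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample outputs (assumed formats), used when not on a Mac.
SAMPLE_FDE='FileVault is On.'
SAMPLE_PMSET=' standby              1
 hibernatemode        3
 DestroyFVKeyOnStandby 1'

# Audit the live system when the macOS tools exist, else the samples.
if command -v fdesetup >/dev/null 2>&1 && command -v pmset >/dev/null 2>&1; then
    audit "$(fdesetup status)" "$(pmset -g)" || echo "One or more checks failed"
else
    audit "$SAMPLE_FDE" "$SAMPLE_PMSET" || echo "One or more checks failed"
fi
```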
Final Thoughts
All in all, using and configuring FileVault is fairly easy, and it’s definitely a good first step in securing your Mac. If you want to give it a trial run for a few weeks, you can always disable FileVault and your files will not be removed. Be sure to stay tuned for more articles on Securing Your Mac later this month.