How do I protect my backup drive?
October 30, 2008 1:47 PM   Subscribe

How do I secure my backup hard drive that I copy my computer's content onto?

I use SuperDuper on my Mac and copy my whole bootable disk image to a backup drive connected to my computer. Now, my computer is pretty well protected, I have passwords to get into any account and on my screensaver. When logged in as one user, you can't access files in another user's folder.
However, it seems like the weak spot in my security is the hard drive that I back up to. When I access the drive and look at the files, I'm able to get into every folder and see everything and never have to access a password. Someone could take my hard drive and have all my information.
So how to I protect my backup hard drive? Is there a way to password protect its contents, encrypt it somehow, etc? Is it something I would do in SuperDuper or do I need another program? Would turning on Mac's built in FileVault encryption on my computer protect me (I've never used it so I'm not sure how it works)?
posted by truth1ness to Computers & Internet (5 answers total) 1 user marked this as a favorite
Instead of keeping files in folders, keep them in encrypted disk images of say a few gigs each, depending on your needs. I use 4Gb ones since I make backups to DVD a lot of the time.

Then regularly back up the images (one big file, un-openable, encrypted, not usable without passphrase), not the files.

Bonus: backup is much faster.
posted by rokusan at 2:00 PM on October 30, 2008

You'd probably be best served by setting up one large encrypted partition on that hard drive.
posted by chrisamiller at 2:02 PM on October 30, 2008

All it takes to reset the OS X account password is an OS X CD, that's hardly any protection. Second flaw is your computer's harddisk, remove it, put it into another one - access all the files.

Your best bet is a full system encryption tool, unfortunately TrueCrypt can do that only on Windows, but PGP recently released a full disk encryption tool for Mac. The performance doesn't seem to be that great, from what I read, I haven't tried it myself yet.

You could also use FileVault to encrypt your home directory, but it can cause serious pain and doesn't tend to be very reliable (while ignoring the fact that it's closed source and had major security flaws in earlier versions and therefore should not be trusted). You might be better off with containers created with disk utility, PGP or Truecrypt.

As far as the backup drive goes - afaik SuperDuper can backup into a mounted dmg, so I'd create an encrypted diskimage of the size of your harddrive on the backup drive. You'll lose the ability to boot from the backup volume, though.
posted by starzero at 3:08 PM on October 30, 2008

Yeah, you could make ONE BIG disk image as starzero says, I guess. I've always liked keeping things more compartmentalized. Home Stuff, Work Stuff, etc.
posted by rokusan at 3:13 PM on October 30, 2008

I still say you want to use encrypted images on your main hard disk, though... as your primary place to keep your files. Then you can just back up those image files as needed without any extra encryption needed on the backup drive(s).

Otherwise your primary copy is wide open to anyone with a boot CD.
posted by rokusan at 3:15 PM on October 30, 2008

« Older One order of Tabula Rasa, please.   |   If you could MSNBC me now Newer »
This thread is closed to new comments.