Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Most secure way to save files long term for extra privacy?

Turnpike

Turnpike

macrumors 6502a
Original poster
Oct 2, 2011
599
331
New York City!
I do some work in a very competitive field (security/investment related research) and have been saving photo, video, and text research files in what I consider a super "secure" place, on a designated Macbook with a log in password that I do not use to go online with. I'll admit I have a limited understanding encryption and overall security, but after reading how much effort the feds went through to catch the Silk Road guy with his laptop open, I figure that if I have a password on my Mac, it's more than enough for me when working around even the most untrustworthy co-workers in different research centers.


From what I understand, even if someone takes my laptop, the most they can do is erase it and have a laptop, not the content on it (and that content is my main/only concern).

But as my research files grow in number, I don't want to go spend big $ on another laptop just because it has more memory. If I use an external SSD to put OSX on, and set up my "computer" and files on the external SSD, are my files as secure as if they were on a laptop with a password? Or are the contents more vulnerable when on an external drive like that?

I don't have any state secrets to protect, but my collection of work is becoming more valuable, and it's not uncommon for the people I work with (more like compete with) to spend $2500 at a computer shop trying to get into a fired or otherwise ex employee's old research files, or recover stuff from their old flash drives.

Any suggestions how I could keep about 250GB-1TB or more worth of data super secure over a long term, I'd appreciate it. I don't want to put it online and don't need to access the internet on the device I keep it on. I use the laptop more for writing and saving the papers on and saving the research stories, video, and articles in files and folders as I come across it for later review. If my best bet is just to buy another Macbook with a large hard drive, then that's what I'll do, I just wanted to check if there was an external drive solution that was as secure.

Thanks!
 
Your data is secured only if your drive is encrypted with FileVault.
This is true with either internal or external drives.
 
  • Like
Reactions: MisterSavage
Wando64 said:
Your data is secured only if your drive is encrypted with FileVault.
This is true with either internal or external drives.
Click to expand...


Thanks! I went and read up on just what FileVault is. So setting up a "computer" on an external 1TB HD, if I have FileVault enabled, the info on that HD is super secure then? As secure as can be?
 
I wonder if you could create a disk image with disk utilities and then password protect the disk image on the external drive?
 
  • Like
Reactions: ssmed
Keep in mind, that there are two "security" meanings you should consider:
1. secure as "no one else can read it". e.g., nosy co-worker and worse...
2. secure as "I cannot loose it". e.g., mistake, theft, flood, hardware failure, fire, ... name your favorite here, plenty options.

Usually, FileVault is perfect for case 1.
If you want to make sure you are safe for case 2 (not clear from your text), you need multiple copies, stored at multiple locations.

Good choice: Two (or more) external disks, from different companies and of different type (so they are unlikely to fail at the same time) with FileVault each (ideally, different passwords), located at sufficiently different locations. Routinely updated and error checked. Oh yes, I think spinners (rotating magnetic hard drives) are proven for longer life. Not sure if SSD is the best choice for this purpose, for now.

Two encrypted Time Machine disks, at different locations, work also reasonably well...

Yes, requires significant maintenance.
 
  • Like
Reactions: NoBoMac and Turnpike
It seems fairly clear to me that the OP is concerned with other people being able to access his data.
The solution to this problem is enabling FileVault on the internal storage AND on any additional external storage.

I am not sure what the OP means when he suggests he could "setting up a "computer" on an external 1TB HD".
If I understood correctly, you are in need of extra storage. In which case just plug in an external disk, enable FileVault on it, then you can start using it as your extra storage either by saving new data to it or by moving your existing data to it.

Obviously in regard to making a safety backup of your data, you will also need another external disk, at least as big as the sum of your other disks, and then: 1) enable FileVault on it and 2) Use it as the destination disk for Time Machine backups.
 
Agree with other suggestions. I use an external disk drive and a separate Time Machine backup external drive. For things I don’t want to lose, I use a 2TB external SSD. I copy the files I want to it, then put it in our bank’s safe deposit box. I update about quarterly. It has things on it like household inventories, electronic versions of tax returns and backup documents, and the like. All are encrypted, and passwords kept up to date with the lawyer.

Bit of an admin overhead, but works well for me.
 
Turnpike said:
I do some work in a very competitive field (security/investment related research) and have been saving photo, video, and text research files in what I consider a super "secure" place, on a designated Macbook with a log in password that I do not use to go online with. I'll admit I have a limited understanding encryption and overall security, but after reading how much effort the feds went through to catch the Silk Road guy with his laptop open, I figure that if I have a password on my Mac, it's more than enough for me when working around even the most untrustworthy co-workers in different research centers.


From what I understand, even if someone takes my laptop, the most they can do is erase it and have a laptop, not the content on it (and that content is my main/only concern).

But as my research files grow in number, I don't want to go spend big $ on another laptop just because it has more memory. If I use an external SSD to put OSX on, and set up my "computer" and files on the external SSD, are my files as secure as if they were on a laptop with a password? Or are the contents more vulnerable when on an external drive like that?

I don't have any state secrets to protect, but my collection of work is becoming more valuable, and it's not uncommon for the people I work with (more like compete with) to spend $2500 at a computer shop trying to get into a fired or otherwise ex employee's old research files, or recover stuff from their old flash drives.


Any suggestions how I could keep about 250GB-1TB or more worth of data super secure over a long term, I'd appreciate it. I don't want to put it online and don't need to access the internet on the device I keep it on. I use the laptop more for writing and saving the papers on and saving the research stories, video, and articles in files and folders as I come across it for later review. If my best bet is just to buy another Macbook with a large hard drive, then that's what I'll do, I just wanted to check if there was an external drive solution that was as secure.

Thanks!
Click to expand...
Create an encrypted disk image with disk utility with the desired size and set a secure password. Mount the image each time you want to add data and then unmount the disk image. It works even with external and networked disks

Captura de ecrã 2019-05-24, às 16.43.24.png
Captura de ecrã 2019-05-24, às 16.43.24.png
 
Last edited:
LuisN said:
Create an encrypted disk image with disk utility with the desired size and set a secure password. Mount the image each time you want to add data and then unmount the disk image. It works even with external and networked disks

View attachment 838814View attachment 838814
Click to expand...

This is what I would do, even on my Mac that already has FileVault enabled.

Use a SparseBundle, these can be backed up more efficiently with time machine.

By unmounting it when you're not accessing the files, you reduce the possibility of malware getting access to those files. It's up to the user to decide whether to save the password for the disk image in Keychain or not.

Hell, you can even store Sparsebundles in iCloud Drive, and it works fairly well. As with all important data, you should always make sure you have an additional backup and not just depend on the cloud though.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back