Seagate Momentus FDE.2 in a mac? Full Disk Encryption

Discussion in 'Buying Tips and Advice' started by kinesin, Jul 7, 2007.

  1. kinesin macrumors regular

    Joined:
    Jun 10, 2006
    #1
    Due to changes in my work place it looks like I could be out on the road a lot more often. One nice benefit is I'll be switching my desktop for laptop as I'll need to drag it out on site, and of course I'm thinking about convincing them into buying me a MacBook rather than a thinkpad.
    I'm a UNIX guy so the justification shouldn't be that hard, plus the fact it can dual boot into Windows provides some advantages. Personally I just like watching movies via front row using my bluetooth phone remote when dumped in a hotel room!

    Anyway: company policy states that all laptops must be encrypted, now filevault doesn't cut it as it needs to be full disk. However Seagate sell the Momentus FDE.2 (Full Disk Encryption) which does it all in hardware and provides a password at the boot stage.

    Question is, would/does the Seagate Momentus FDE.2 work in the new Macbooks?
     
  2. Fearless Leader macrumors 68020

    Joined:
    Mar 21, 2006
    Location:
    Hoosiertown
    #2
    no, it needs a bios, which you don't have. (at least i believe)

    see if you can talk to the IT guys to work something out.
     
  3. kinesin thread starter macrumors regular

    Joined:
    Jun 10, 2006
    #3
    Thought that might be the answer.. Still no FDE software for mac available?
     
  4. Fearless Leader macrumors 68020

    Joined:
    Mar 21, 2006
    Location:
    Hoosiertown
    #4
    it requires hardware to support it (mainly bios), and well we don't have it.
     
  5. sfisher macrumors regular

    Joined:
    Jun 20, 2007
    Location:
    Albuquerque, NM USA
    #5
    Encrypting data on laptop hard drives is an excellent idea, but do they realize that on a Mac your valuable data is only kept in your home directory? What good does it do to encrypt application installations? They may be thinking of it from a Windows point of view where there are a LOT of different places that data files can go into so they just give in and encrypt everything. Macs just aren't that way:cool:. In short, sorry, I don't know of a way to encrypt the whole disk on a Mac.
     
  6. Michael J macrumors newbie

    Joined:
    Sep 19, 2006
    Location:
    Seattle
    #6
    FDE on a Mac

    The Seagate FDE.2 drives have almost 0 performance hit, so there's actually no reason not to encrypt the entire drive. Plus even on Macs, different users have different folders. It's entirely likely that at least some of the software out there that supports the FDE.2 drive on Windows machines, can be ported to OSX relatively easily. For example, SECUDE's FinallySecure uses a Linux-based pre-boot authentication that would actually work very well on a Mac. http://secude.com/htm/386/en/News-Detail.htm?News=11229


     
  7. Fearless Leader macrumors 68020

    Joined:
    Mar 21, 2006
    Location:
    Hoosiertown
    #7
    actually there are reasons to not secure your entire drive. Most files are not sensitive for most users. And if you forget your password, or lose your key(usb drive), you are screwed.
     
  8. Michael J macrumors newbie

    Joined:
    Sep 19, 2006
    Location:
    Seattle
    #8
    "most" files and "most" users introduces the necessity of making choices based upon policy. This can get complex and can also lead to user error as well as diminished productivity. If the entire drive is encrypted, it's quite simple.

    As for losing your password, that is not an encryption issue; it is a policy issue. The same applies if you lose your account password or indeed if you lose the key to your house.

    Most enterprise-level encryption software contains fairly robust challenge/response-based key recovery mechanisms that are administered centrally. So if you lose your password, your IT Admin can help you get it back, or at least get you back "in" long enough to change your password.
     
  9. Fearless Leader macrumors 68020

    Joined:
    Mar 21, 2006
    Location:
    Hoosiertown
    #9
    yes but "most" people don't have an IT department or a system admin.

    I'm talking about home users, maybe your talking about a business or corporation.
     
  10. Michael J macrumors newbie

    Joined:
    Sep 19, 2006
    Location:
    Seattle
    #10
    Ok, I understand you are talking about home users. The original post here was for enterprise users in the workplace.

    For home users, it is actually just as simple: you save an emergency recovery information (ERI) file to an external device and lock that in your desk or store it on your secondary computer or on your backup drive.
     

Share This Page