I travel with a laptop everyday: to and from work, to coffee shops or to friends’ houses. While I use new, randomly generated passwords (courtesy apg) my home directory had not the same level of security.
That’s changed. Both my sister-in-law and a colleague had their laptops stolen recently and so encountered all the usual headaches and fears about personal and corporate information in the hands of nefarious individuals.
Wanting to quell any such concerns of my own I completely re-worked my security and backup strategies.
I use a Mac … enter File Vault and Time Machine. The web contains many complaints about their pairing but, for me, the limitations fit my workflow.
The main limitation to the marriage of File Vault and Time Machine is the latter can only run if the user of the former is logged out. Fine by me. Some of my applications, namely those using sqlite (Yojimbo comes to mind), should not be running while a Time Machine backup is occurring because the state of the backup could potentially be inconsistent.
To remedy this scenario, I had been quitting all applications prior to manually initiating Time Machine. Now I log out. It’s actually safer and more robust. Perfect.
There was one issue in the migration, namely any directory in my home directory which I had excluded in Time Machine is no longer excluded since Time Machine now only sees a directory of data chunks, not a proper file system. Since this included some monster VMWare images I have no interest in backing up I moved them out of my home directory and voilà, problem solved.
In addition to the switch to File Vault I updated System Preferences to ask for a password after sleep and to disable automatic login.
The upside of all this is my backups on my external drives (one at home, one at work) are encrypted, my laptop is encrypted and I rest a bit easier. Nice.