
How To Set Up Whole Disk Encryption In OS X 10.7 Lion

David W. Martin, BYTE | July 26, 2011 06:00 PM

Category: Operating systems

One of the most valuable and significant changes Apple made to OS X Lion 10.7 is its overhaul of FileVault.

The OS X 10.6 version of FileVault protected just private data like pictures, email messages and other documents -- and only inside an encrypted home folder. Now, in Lion, FileVault2 enables full-disk encryption. This is an important improvement because it means FileVault is encrypting the entire file system -- not just a folder. For IT and tech pros, this addresses most of the security concerns around FileVault and Macs in the enterprise.

FileVault2 uses full disk, XTS-AES 128 encryption to keep your data secure. It is also quite easy to use. Mac users can toggle it off and on. It encrypts in the background and works seamlessly.

To use FileVault2, open System Preferences. Click Security & Privacy.


Click the padlock to unlock the Security & Privacy preferences.


Enter your user name and password -- you'll need administrative rights on the Mac you're encrypting.


Click on the FileVault tab.


Click on Turn On FileVault.


Your Mac will display your recovery key. This is important – make a copy of it and keep it secure.


Select whether to store your recovery key on Apple’s servers. Declining means you'd better hang onto that key. Better to accept and let Apple help you recover your data should you lose the key.


Select Store the Recovery key with Apple and hit Continue. The system next asks three security questions.


Here are the available questions.


Fill in all three. Click Continue.


The process requires a restart. Select that here.


The process takes a while. Grab a snack or keep working -- FileVault will encrypt as a background process.


Once FileVault is finished, you will see the message saying that encryption is finished.
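To confirm from Terminal that the background encryption has actually finished, the output of `diskutil cs list` can be checked instead of the preference pane. This is an added example, not part of the original article; the sample output is constructed, and the field names and values (`Encryption Type`, `Conversion Status`, `Fully Secure`) are assumed to appear as shown in it.

```sh
#!/bin/sh
# Added example: classify FileVault 2 state from `diskutil cs list` text.
# Real use (on the Mac):  diskutil cs list | fv2_state

# Constructed sample (UUIDs are placeholders): volume still converting.
sample_converting() {
cat <<'EOF'
CoreStorage logical volume groups (1 found)
|
+-- Logical Volume Group 00000000-0000-0000-0000-000000000001
    =========================================================
    Name:         Macintosh HD
    Status:       Online
    |
    +-> Logical Volume Family 00000000-0000-0000-0000-000000000002
        ----------------------------------------------------------
        Encryption Status:       Unlocked
        Encryption Type:         AES-XTS
        Conversion Status:       Converting
        Fully Secure:            No
        Passphrase Required:     Yes
EOF
}

# Reads `diskutil cs list` output on stdin and prints one of:
#   encrypted | converting | not-encrypted
fv2_state() {
    awk -F': *' '
        { sub(/^[ |+<>-]*/, "", $1); sub(/[ \t]+$/, "", $2) }  # strip tree art
        $1 == "Encryption Type"   { type = $2 }
        $1 == "Conversion Status" { conv = $2 }
        $1 == "Fully Secure"      { secure = $2 }
        END {
            # No CoreStorage family, or one without encryption: not protected.
            if (type == "" || type == "None") print "not-encrypted"
            # Only report success when conversion is done AND fully secure.
            else if (conv == "Complete" && secure == "Yes") print "encrypted"
            else print "converting"
        }'
}

sample_converting | fv2_state
```

A volume that reports `converting` still has unencrypted extents on disk, so a machine should not be treated as protected until the state reads `encrypted`.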

The entire process took approximately an hour to complete on my 13-inch MacBook Air with a 256GB SSD drive. I worked on this piece while it encrypted. I looked but didn't notice any significant impact on available free disk space on my boot drive.

The only noticeable change is that the Mac now shows a new boot screen on restart. That's how you know FileVault is working. You'll always log in with user ID and password to get past this point.

Apple really got this right. FileVault2 works smoothly. I log in only once at this new screen and I’m immediately presented with my Finder desktop. You won't ever be sorry you used FileVault, but it's easy to imagine regretting you didn't.

Based in Houston, David Martin is a technologist at BYTE. Follow him @David_W_Martin or email him at David.Martin@BYTE.com.


