You have bought this beautiful new MacBook, but you are not sure you dare put your confidential documents on it.
Maybe you are afraid the machine gets stolen, maybe you don’t want your colleagues to have access to your financial data and private correspondation or maybe it’s stuff your children need not see and talk about. Or you have some large documents which you wish to put on CD, but should remain confidential.
If you have such a need for secured data then Mac OSX is your friend. OSX has the built-in capability to create encrypted disk image (dmg) which are just files but can mount like a CD. They are familiar since most software comes in the form of a dmg, usually a non-encrypted image of course.
In this article I’ll show you how to create such an encrypted image. I have included some screenshots of my Dutch version of OS X, but I have tried to use the english terms in my description.
You start with opening Disk Utility in Programs->Utilities.
Select the “New Disk Image” icon, as accentuated in blue on the screenshot. You will see a “Save As” dialog in which you can specify the name of the dmg file, the size, and the encryption to use. As the default is no encryption you should select AES-128. The size is entirely up to you, default sizes range from 2.5 MB to 8 GB, and there is an option for custom sizes.
Press OK and you will be prompted for the password with which to protect your disk image.
Press OK again and you’ll have to wait a bit until the image is finished. The image is then immediately visible in both Disk Utility and the Finder.
If you don’t need to image to be accessible anymore, “eject” it in the finder. If you wish to mount it again, click on the dmg image and you will be prompted for the password.
As with most OS X technologies it’s easy to use if you know it’s there. There are just so many usefull features. So if you know some other gems for OS X, don’t hesitate to leave a comment.
June 17th, 2007 at 1:54 pm
Sounds good… I tried out FileVault for awhile but it was a bit of an overkill for me and wasn’t worth the hassle or the degradation in performance. An encrypted disk image sounds like a better idea.
June 17th, 2007 at 8:55 pm
FileVault protects your home directory; with an encrypted image you create, in essence, a separate directory hierarchy to be encrypted.
FileVault has the advantage that temporary files, thumbnails and caches which may be created by an application in for instance ~/Library/Application Support and such are also encrypted.
If you use a dmg it depends on the application whether there are still traces of your data to be found.
I’d say that a encrypted dmg is an excellent way to securely transport data, a good way to secure confidential data and bad for locally storing extremely sensitive data (due to working caches, automatic saves and other application-specific behaviour). On the other hand, having such sensitive data on an Internet enabled PC or in a place where it could be stolen is not smart in any case. Not even a Mac will help you there:)