Security and Whole Disk Encryption

Posted on by Mike Evans

Back in October I was sitting on an Athens tram (pre riots) listening to one of those excellent podcasts from Victor Cajiao's Typical Mac User. This particular podcast centred on data security and whole-disk encryption from PGP. Most of us are a bit slapdash when it comes to protecting our private information. And the modern laptop can contain tons of useful stuff, from bank statements to passwords--even your address book. In fact, if you lose an unprotected laptop these days it is very simple for someone to steal your identity. Even our Government has been adept at losing unprotected laptops on trains or from cars. 

So Victor's timely words were comforting and I have since been mulling over the pros and cons of whole (or full) disk encryption. This is a method of encrypting the entire hard disk, including the boot sector, so that it is virtually impossible to access without the all-important private key. I'm assured that James Bond would have problems. I have now taken the plunge and installed PGP Desktop  on my new MacBook Pro and everything went according to plan, just as Victor promised. The 140GB of data on my 320GB disk took about seven hours to encrypt, so I left it running overnight. 

This morning all was finished and I took the fateful step of rebooting. My heart missed several beats when the PGP box was the first thing to come up on the screen. I entered my private key, a passphrase which I can remember but which is quite complex, and was delighted (if a bit surprised) that it was accepted and start-up continued in the normal manner. According to Victor and the various threads I've browsed on the PGP forums, encryption is entirely transparent while the computer is running: No loss of speed, no problems with software. And yes, before you ask, I did do a complete backup before installing PGP. PGP Desktop cost me about £100 and I'll be reporting on progress over the next few months. 

∞ Permalink