Apple Encryption - It Ain't All There
I find myself saddened this morning, not because it's Monday, and not because I am beginning another week at a thankless job, but because I have just completed a report advising business users to avoid OS X. Okay, okay, in all honesty, the fact that it IS Monday and I do have to spend another soul-sucking week in a thankless job is a part of my general malaise. On the eve of MacWold, I had hoped that I would have something more cheerful to write about. But I suppose, there will be enough Mac fanboy's blogging away while listening to his majesty, the esteemed Mr. Jobs deliver his soliloquy at the MacWorld keynote.
I write today, not out of surprise, but out of frustration. In examining whole disk encryption solutions (in a fair level of depth), I have found that there is no viable solution that meets the requirements of my clients. Furthermore, there really isn't a viable whole disk solution"¦ period. Sure FileVault is fantastic, but it only encrypts the user's profiles and nothing else. What I need is something like PGP's whole disk solution, but for the Mac. I've found myself concluding my report this morning by recommending that my business clients use {gulp} Windows. There, I've said it. Somewhere out there an angel just lost its wings.
Recent developments in hardware based encryption from Hitachi and Seagate left me hoping that a mere drive swap would be my final solution. Unfortunately, all of the drives with built in encryption hardware require certain BIOS settings. To my knowledge OS X doesn't have a BIOS, much less configurable settings.
I have a dream, that one day Apple will wake up and smell the market. Business users need whole disk encryption and advanced security features. Until Apple improves in these areas, I'll be recommending the operating system that shall not be named.
