|
|
10.5: Insure that Time Machine runs on FileVault accounts
There is always the possibility that information may be disclosed. FileVault or not. All someone has to do is guess the login password.
10.5: Insure that Time Machine runs on FileVault accounts
The guidelines NSA publishes are for government and industry and they cover confidential but not Top Secret information, which is stored under much stricter rules. In other words, the guidelines are not for "NSA-level" security but rather recommendations for the configuration and use of computers containing sensitive data. Users concerned about the cost and embarrassment of data theft should consider the NSA guidelines. To provide protection against a sophisticated and well-funded hacker (but not one with unlimited government resources) users can:
If all of the above guidelines are followed, secure accounts on a stolen computer are probably safe, in that no exploits are generally known. Time machine will not back up a secure account when the user is logged in or when no user at all is logged in, but will back it up when the user is in the process of logging out. If connecting a USB or Firewire disk is not practical when logging out of a secure account, creating a "backup" non-FileVault, non-admin account with limited privileges is a convenient way to allow backups later, with minimal risk to security. Logging in to such an account, with a USB or Firewire disk connected, will allow Time Machine to back up all secure and insecure accounts.
10.5: Insure that Time Machine runs on FileVault accounts
... and disable safe sleep, as mentioned above. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|