In the first two installments of “Blurred Lines,” Tom Lambotte explained why you need a mobile device management policy and a fully encrypted Mac hard drive. In this last installment, he points to a security fail that’s easy to overlook. Tom will be speaking at the session “Home-Mac; Work-Mac” at ABA TECHSHOW this week!
The security of your backups isn’t often discussed, but that doesn’t mean you should ignore the issue. Backups are critical, but just as important is ensuring your backups are not at risk.
Many home users have a local backup hard drive — and many Mac users use the built-in backup, Time Machine, because of its simplicity. Others go the route of making a bootable clone — a bit-by-bit copy of their entire hard drive. And some users do both the Time Machine backup and the clone.
The same issue we discussed in Part Two regarding full disk encryption applies here: If you store firm data on your home computer or laptop and back it up at home, and that backup drive gets into the wrong hands, you’ve got a serious security issue. This is often overlooked by law firms. But if firm data is being stored on personal devices and computers, it is the firm’s responsibility to determine how that data is being backed up and secured. If an unsecured backup is stolen from someone’s home, that is a major risk and could be judged as negligence.
So let’s look at two options for encrypting your backups.
Encrypting Time Machine Backups
As with FileVault, which will automatically encrypt your Mac’s hard drive, Apple has added the ability to encrypt your entire Time Machine backup.
Go to System Preferences, click on Time Machine and select Backup Disk. You will see a checkbox next to “Encrypt Backups.” If the checkbox is dimmed, hold your cursor over it for a moment to see an explanation; for example, the selected disk may need to be reformatted or repartitioned. If no explanation appears, that means the disk you selected doesn’t support encryption. The most common issue here is that the disk is formatted for Windows, usually FAT32. If that’s the case, you will need to format the disk (completely erase everything on it) using Disk Utility. Once that’s done, you should be able to enable encryption.
Quick tip: If your backup hard drive is older than three years, do yourself a favor and buy a new one. Your backup is your lifeline — your CYA plan. I’ve seen people use extremely old hard drives for backups, only to have those drives fail when they’re needed.
Encrypting Clone Backups
Encrypting the clone drive requires a few more steps. Carbon Copy Cloner (from Bombich Software) is one of the most popular cloning applications and my preferred tool for creating bootable clones for law firm clients. For instructions on doing this, you can head to the play by play here.
Once you have completed those steps — voila! — your backups are secure and this is one concern that’s no longer a liability for your firm.
I hope this series has raised your awareness about some of the security concerns surrounding using the same device at work and home. Take the action steps provided to improve security and ensure you are doing your due diligence to protect your firm and client data.
Apple at Law Survey Highlights
Attorney at Work’s report on the 2015 Apple at Law User Survey is available for download, here.