Your Mac comes with a built-in tool for encryption; help your security team out and put FileVault to work.
Your Mac comes with a built-in encryption feature called FileVault. Its job is to encrypt the data that is already stored on the startup disk of your Mac and any new data coming in as you use your Mac. This process of encrypting and decrypting information on your Mac’s hard drive happens on the fly as you use your Mac.
Why is FileVault useful on Your Mac?
The reason encryption is such a fundamental part of security is that it scrambles the data so it is entirely unrecognizable without the encryption key. If, for example, your laptop had sensitive information stored on it and was stolen or hacked, malicious actors would need to have your encryption key to “unscramble” the data and make sense of it. FileVault adds that the final layer of security for your information stored on your Mac via XTS-AES-128 encryption with a 256-bit key.
Below is the step-by-step guide to encrypting your macOS hard drive with FileVault.
Turn on and set up FileVault
1. Click the Apple icon > System Preferences, then click Security & Privacy.
2. Click the FileVault tab and click Turn On FileVault. You will be required to choose between using your iCloud account and password or using a recovery key generated by the Mac.
3. If you forget and cannot use your iCloud password and do not have the recovery key your files and data are gone for good.
Your Security Policies May Require You to Turn on FileVault
Stuff happens, so don’t be that person who gets an unencrypted laptop stolen from their car which leads to 43,000 patients getting notified their information was stolen. Encrypting your devices is a low-effort way to boost your security.
This is the kind of best practice that many companies require employees to follow in their security policies and procedures. Vendor security questionnaires often ask about your encryption policy and practices.
Especially for B2B companies that are under scrutiny from enterprise customers or regulatory authorities, it’s important that all your employees encrypt their hard drives.