There are a growing number of options for Mac drive encryption software. Those interested in the security of drive encryption—which locks down the entire disk behind a nearly impenetrable passcode—are fortunate to have so many programs from which to choose. The best drive encryption solutions meet or exceeds industry-standard security while working transparently and with little negative performance impact.
We’ve combed through reviews on websites such as SC Magazine, SecureMac.com, Computerworld, CNET, Techworld, Lifehacker, Ars Technica, The Mac Lawyer, and AnandTech in order to come up with the top rated encryption solutions:
PGP Whole Disk Encryption ($140)
Top Review Sources:
- SC Magazine: 5.0/5.0 “Best Buy”
- SecureMac.com: 5.0/5.0 “After…installing the product you are a few clicks away from being fully encrypted. The decryption process is just as easy.”
- Computerworld: “PGP Whole Disk Protection is a very good choice for protecting the data on a hard drive”
Symantec’s PGP Whole Disk Encryption is a robust full-disk encryption program targeted at business users. The initial encryption process can be lengthy—large drives with lots of files can take several hours to secure. The good news is that you’ll be able to continue your work as PGP Whole Disk Encryption performs its duties in the background. It is also nice that setting up the initial encryption takes just a few steps that are logically and simply presented. PGP Whole Disk Encryption is capable of using a handful of ciphers, including AES, CAST, TripleDES, IDEA, and TwoFish. After the initial encryption process is complete, PGP Whole Disk Encryption operates transparently, encrypting and decrypting files on the fly. Performance impact is negligible, and the only clear indication that the program is working is the authentication screen at startup. Extras include the ability to create encrypted self-extracting files and a file shredding tool for permanent deletion. PGP Whole Disk Encryption can create encrypted virtual drives on unencrypted volumes, plus it will encrypt removable media.
PGP Whole Disk Encryption can be purchased on the official website.
Top Review Sources:
- CNET: 4.5/5.0 “Loaded with powerful features”
- Techworld: “TrueCrypt…offers a plethora of configuration settings, default options and operational choices”
- Lifehacker: “Our favorite solution for keeping your private files safe, sound, and hidden”
TrueCrypt is feature-packed and free. The program provides full disk encryption via an easy-to-use interface. You’ll be able to choose from three ciphers: AES, Serpent, and Twofish. Initial drive encryption can take many hours, but your Mac remains useable during that time. System performance will be affected during this process, but after it is done, TrueCrypt works seamlessly in the background. The only time you’ll be prompted by TrueCrypt is at the password screen at startup. Not only can you use TrueCrypt to lock down your entire hard drive, you can use it to secure removable drives and create encrypted virtual drives as well. TrueCrypt’s help files are comprehensive and well-written; patient beginners will have few problems learning how to get the most out of the program.
Download TrueCrypt for free on the publisher’s site.
FileVault 2 (Free)
- Seamless integration into OS X
- Can store your recovery key with Apple
- OS X 10.7 Lion required
Top Review Sources:
- Ars Technica: “Disk encryption that actually works”
- The Mac Lawyer: “Essentially a complete win-win for business users”
- AnandTech: “The new FileVault is a pretty great deal for individuals”
Starting with version 10.3 Panther, OS X has included an encryption tool called FileVault. FileVault is able to encrypt the home directory, but is unable to perform a full disk encryption. With version 10.7 Lion, FileVault 2 debuts. A big improvement of FileVault 2 is the ability to encrypt an entire disk. Like the original FileVault, FileVault 2 is tightly integrated into OS X, making it easy to use. During the setup process, FileVault 2 provides a recovery key—a string of characters essential to unlocking your drive if you forget the passcode. You have the option of sharing the recovery key with Apple; if you can’t remember your passcode or recovery key, your last line of defense is to call Apple and answer security questions that you create during the FileVault 2 setup process. After setup, FileVault 2 will restart your computer and begin the drive encryption process. System performance will be diminished, but you’ll be able to work on your computer if you need to. Once the initial encryption is complete, FileVault 2 will encrypt and decrypt files as you work and your system speed should not be significantly impacted. FileVault 2 employs XTS-AES 128-bit encryption.