A Guide to Disk Image Encryption

A Guide to Disk Image Encryption
Page content

What is Disk Image Encryption?

Disk image encryption is a method of keeping data secure on your Mac. It doesn’t require any extra software to be downloaded or installed – it is a feature of the operating system that effectively prevents anyone from discovering your personal information or reading your documents by using encryption software to make the data unreadable to anyone without a suitable key.

That someone will be you, and despite the complexities of encryption and all of the “behind the scenes” processing that is required to apply it to your data, it really is very easy to use disk image encryption.

What is Encryption?

Encryption is a means of making data inaccessible. To this end, the data is rewritten using a cipher so that anyone attempting to access it without the correct key will be unable to read or open the data.

The key is used to decrypt the data, and is created at the same time as the data is encrypted. As a result only the key can unencrypt the data. Typically a key is associated with a computer profile or username.

Encryption has become an increasingly common means of protecting data on computers, principally due to the increase in popularity of mobile computing.

Creating a Disk Image

On an Apple Mac computer or laptop, Disk Image Encryption is a feature that can be enabled via the Disk Utility.

Rather than encrypting an entire volume, a section of your hard disk is mounted as an encrypted device, so which you can store personal and confidential data and files.

To get started, go to Applications > Utilities > Disk Utility and create a new disk image via File > New > Blank Disk Image. Give the image a name; it will be saved as a .DMG disk image file. Also specify a location to save the image. This will depend upon how much data you expect to encrypt.

In the Volume Size menu, select a size for the image file, and also choose a volume format if you prefer not to use the default Mac OS X format. Several image formats are available; for instance you might use sparse disk image which will only use as much space as required.

Applying Disk Image Encryption

The next stage is most vital for applying disk image encryption. You have a choice of 128-bit AES or 256-bit AES encryption. Both are next to impossible to crack, but 256-bit encryption is tougher (as well as being more processor intensive.) The choice is made in the Encryption pop up menu.

Note that if no encryption is selected, then the new image will not be encrypted.

Click Create after you have confirmed all of your selections, and enter and confirm a password. You will need to decide whether or not to retain the password in your keychain. It will be saved there by default (deselecting Remember password (add to keychain) will prevent this) but if you forget the password and it is not saved in the keychain, your encrypted data will be lost forever.