QRecallDownloadIdentity KeysForumsSupport
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Groups] Back to home page 
encryption and backup  XML
Forum Index » Cookbook and FAQ
Author Message
john hampson



Joined: 13-Apr-07 13:09
Messages: 22
Offline

Problem:

certain files in the system need to be secure/encrypted but not all,

e.g.

some documents
mailboxes
certain projects

Proposed solution

Encrypted sparse bundle on internal drive with symlinks for mail, secure documents and secure projects.

Backup solution:
External drive with similar (but larger) encrypted sparse bundle. Qrecall to backup from internal sparse bundle to external sparse bundle.

Sparse bundles to be added to login options so mounting and unmounting is automatic. (passwords not kept in keychain, so you are prompted for passwords when mounting)

I've done a proof of concept test with mail and a few folders, seems to work OK


I then create a new archive for my complete home folder, but just excluding the sparse bundle. This provides for an archive of all my remaining data.

Note, I store my iTunes and Photos on a separate Media partition and archive them independently (only on demand)

Can anybody see any flaws in this approach?

Is there any suggestion for a better method?
James Bucanek



Joined: 14-Feb-07 10:05
Messages: 1546
Online

There's a slightly simpler approach, but you would lose the ability to browse individual files in the encrypted disk image.

Keep the single, encrypted, sparse disk image on your primary partition that contains your sensitive files. Then simply capture the entire volume to an external archive. The archive would contain all of the non-encrypted files and the single encrypted disk image file.

You would not be able to browse changes to your encrypted files; you would have to recall the entire encrypted volume in order to recover one or more items. But it would simplify the arrangement.

- QRecall Development -
[Email]
Bruce Giles



Joined: 05-Dec-07 03:47
Messages: 95
Offline

john hampson wrote:Can anybody see any flaws in this approach?

Is there any suggestion for a better method?
I'm not quite sure if this will do what you want, but you can use TrueCrypt (free disk encryption software from <http://www.truecrypt.org/> ) to create an encrypted partition on an external drive.

You need to supply a password to mount the partition, but once it's mounted, reads and writes are encrypted/decrypted on-the-fly. I ran some brief tests with QRecall and it seemed to work just fine with an archive on an encrypted partition. It is a little slower, because of the on-the-fly encryption.

Once the partition is unmounted, no one can access anything on it without the password.

-- Bruce

This message was edited 1 time. Last update was at 24-Apr-09 10:54

 
Forum Index » Cookbook and FAQ
Go to:   
Powered by JForum 2.1.8 © JForum Team