Hey, you know that flash drive you’ve got in your desk? The one with your Quicken backups and secret client files on it? Um, you should be more careful with its data. And what about your Time Machine backups? If someone took your backup drive, would he be able to get all of your stuff off of it? Well, sorry, you’re hosed.
No, no, I’m kidding! Don’t leave. Luckily for you (and for me, since I don’t have to write so much), I covered some easy ways to encrypt external drives in a tip from last year. But as far as Time Machine backups go, you’ll need to do something a little bit different to make sure those are safe and encrypted—and you might even need to wipe the disk in question to accomplish your task. Yuck.
Just FYI: The instructions below assume you’re setting up a new encrypted Time Machine backup, but if you have questions (or if you run into a scenario I don’t mention), run on over and check out Apple’s support article on the subject. In fact, I’m gonna say you should just read that page first no matter what. I’m paranoid like that.
Anyhow, what you’ll do to get started is open System Preferences and click on the Time Machine pane.
Within that, you’ll see a few choices. There’s a big switch that lets you toggle Time Machine on and off; there’s an “Options” button, under which you can choose what items you want to exclude from your backups; and then there’s the “Select Disk” button.
Click on “Select Disk,” and you’ll see everything available you are or could start backing up to.
Within that dialog box, pick a destination and turn on the “Encrypt backups” checkbox I called out above. After you hit “Use Disk,” your Mac will ask you to create a strong password to secure your backups.
Don’t forget that password, please. Like, really.
Finally, if you do happen to be trying to encrypt an existing backup set and OS X has to erase the drive or your backup history (because, for example, your drive isn’t formatted properly to be encrypted or because your backups are on a Time Capsule), it should warn you what it’s about to do and why.
For what it’s worth, there’s some debate about whether it’s better to encrypt your backups (for improved security) or leave them unencrypted (which offers potentially easier restoration if something goes wrong). I fall firmly on the side of “better security” as long as you have multiple backup sets, including some off-site. For more info and instructions on backup redundancy, check out my previous tip about making clones of your Mac, and then go and back up to your heart’s content. And make sure you have at least seven different backups kept in seven different locations across the globe. Or is that just me?