I wanted to ask how folks at thoughtbot secure their macs. I have seen IT Admins force unnecessary measures in the place I work such as:
Forcing all traffic through their proxy servers when I am on VPN. They also prevent many websites from being accessible through the proxy
Enable full disk encryption - File Vault 2, thus slowing the system down
So my question is, since you folks also handle confidential data/code so how do you make sure it’s secure without losing any productivity of the developers
Particularly if your machine is a laptop and therefore easy to walk off with (even if you never move it from your office), I think installing full disk encryption is a reasonable precaution. It’s one of the requirements Github institutes on their systems when they use Boxen for configuration management.
Not sure about the others, as I haven’t used those measures in the past on OSX boxes.
Although I agree with @geoffharcourt regarding always using full disk encryption, if you’re unwilling to go that far you could always keep your code in an encrypted disk image. You could use a commercial product like Knox, or simply use Sparse Images created using Disk Utility.