Securing your macs

shadabahmed · 2013-08-27 06:26:43 UTC

I wanted to ask how folks at thoughtbot secure their macs. I have seen IT Admins force unnecessary measures in the place I work such as:

Forcing all traffic through their proxy servers when I am on VPN. They also prevent many websites from being accessible through the proxy
Enable full disk encryption - File Vault 2, thus slowing the system down
Installing antivirus

So my question is, since you folks also handle confidential data/code so how do you make sure it’s secure without losing any productivity of the developers

geoffharcourt · 2013-08-27 14:05:48 UTC

Particularly if your machine is a laptop and therefore easy to walk off with (even if you never move it from your office), I think installing full disk encryption is a reasonable precaution. It’s one of the requirements Github institutes on their systems when they use Boxen for configuration management.

Not sure about the others, as I haven’t used those measures in the past on OSX boxes.

zackfern · 2013-08-27 19:15:53 UTC

Although I agree with @geoffharcourt regarding always using full disk encryption, if you’re unwilling to go that far you could always keep your code in an encrypted disk image. You could use a commercial product like Knox, or simply use Sparse Images created using Disk Utility.