As snug--and smug--as OS X’s security may make us feel, your data’s safety is up to you. Smart practices and strong passwords help, but thanks to ubiquitous USB flash drives, cloud file storage, and ever-shrinking MacBooks, it’s easier than ever to share sensitive documents or misplace the drives and computers where they’re kept. That means more opportunities for bad guys to snoop through your important stuff. Knox is a utility that gives you an extra layer of protection from prying eyes by encrypting specific files, folders, or external drives on your Mac. While it’s suited for users who need easy encryption on a daily basis, Knox deserves a look from anyone seeking more flexibility in their daily security regimen.
You may be surprised to learn you already have Knox on your Mac…sort of. For years, OS X’s Disk Utility has let you create password-protected encrypted disk images--it’s the same technology FileVault uses to safeguard your entire Home folder. These images are virtual volumes that require a password to mount on the Desktop. From there you can add and remove documents, then eject the volume like a regular disk when you’re done. Unmounted, the images are single files that can be easily shared, and the contents are locked down with 128- or 256-bit AES (Advanced Encryption Standard) encryption--the same encryption protocol used by the U.S. Government. Knox drags these useful features from the depths of Disk Utility into the Finder, letting you roll your own security on a file-by-file basis, without the overhead of FileVault’s all-or-nothing encryption.
Knox’s controls are accessible from a menu bar or Dock icon. Either way, it’s easy to create new vaults (Knox’s term for encrypted disk images), manage old ones, and change vault locations and other settings globally or for specific vaults as needed. Vault capacities can be fixed at any size up to 10GB, or they can grow automatically up to your drive’s capacity as files are added. Knox also alerts you when space can be recovered from vaults from which files have been deleted.
For added convenience, Knox can reformat entire drives as vaults for secure sneakernet transfers; vault passwords can be saved to your Keychain; and Spotlight searches can be allowed on mounted vaults to make, say, searching through old tax documents quicker. Best of all, vaults can be opened without Knox using Disk Utility in Mac OS 10.4 or later, so you can swap vaults with other Mac users knowing that they’ll open just fine--as long as you have the password.
Unfortunately, this ease of use is somewhat marred by backup complications. Finder updates some invisible files when vaults are mounted, so some vaults can trigger full backups even if you haven’t modified the actual documents. Agile recommends excluding Knox vaults from your Time Machine backups, and to compensate, Knox offers its own built-in backup and restore features. Backups can be performed manually, or on daily or weekly schedules, and up to 10 prior versions of a vault can be saved and restored later. Like other settings, these backup options can be applied to some or all vaults as desired. Agile’s tools fill in the gaps, but it’s an additional step away from Time Machine’s “set it and forget it” mantra.
Knox brings OS X’s encryption features to the desktop in a package that’s more than the sum of its parts.
Knox
COMPANY: Agile Web Solutions
CONTACT: www.agile.ws
PRICE: $34.95
REQUIREMENTS: Mac OS 10.5 or later
Simplifies and improves on OS X’s encrypted disk image features. Encrypted files can be opened with Disk Utility on supported systems.
Some core features are already freely available in OS X.
