Please Note: There is a known incompatibility with Sophos and FileVault on Mac OS X 10.5.x. If you are using FileVault please do not install Sophos Antivirus at this time.
Prior to enabling FileVault the following considerations should be observed:
Although FileVault has a very low failure rate; it is recommended that users create a backup of documents and files prior to enabling FileVault. This backup will provide a means of recovery in the event that anything should happen.
- Time Machine:
Under normal operation Time Machine will backup information in the user's Home folder while the user is logged in. Once FileVault is enabled however, Time Machine will back up a user's Home folder only after the user logs out and recovery of individual files becomes difficult. It is for this reason that Time Machine's backup potential is reduced and is not recommended for use with FileVault. If an alternate backup solution is required, iBackup provides a freeware solution that allows on-demand and scheduled backup and recovery of individual files while you are logged in. http://www.apple.com/downloads/macosx/system_disk_utilities/ibackup.html
- Free Space:
When FileVault is enabled the user's Home folder is copied (not moved) to a protected space and the original is not deleted until the end of the process. This means that prior to enabling FileVault, the free space on the hard drive should be equal to or greater than the size of the Home folder. This free space requirement is also necessary in the event that FileVault is disabled. If you do not have this amount of free space available, then it may be necessary to offload some of the files in your home directory to an external device before beginning the process and then migrate the files over to the protected Home file once the process is complete.
- Open your System Preferences panel and click Security (circled in red below).
- On the General tab, select the items below to ensure maximum security.
- On the Firewall tab, select "Allow only essential services" to prevent unauthorized users from accessing your computer remotely.
- On the FileVault tab, click the button labeled "Set Master Password".
- On this screen you will set a Master Password that can unlock FileVault protected accounts. This is a feature that is designed to provide recovery for accounts. Set this password as something you won't forget, but ensure that it is different from your user account password. Do not lose or forget this password; this password cannot be recovered or reset once it is set.
- You will now be prompted for the password affiliated with your current user account.
- After your password is accepted you will be prompted to confirm that you want to turn on FileVault. On this screen, be sure to check the option to "Use secure erase". Once you click "Turn On FileVault" the computer will not be accessible for 1-2 hours depending on hardware.