Creating Encrypted Containers with Disk Utility
(for simple file-based encryption - check the help files for a particular software product – many, such as Microsoft Office and Adobe Acrobat, have built-in tools to encrypt (password-protect) documents.
Current versions of the macOS include the ability to create encrypted disk images. This allows you to create a password-protected container file that will mount as an additional drive in the Finder only after a decryption key is entered -- without the decryption key, the data is unreadable by anyone who merely has access to the file.
The following instructions will walk you through basic setup using the built in Disk Utility application. (If you wish to use a third-party tool -- you can reference the instructions for Windows users -- they are very similar.)
If you are interested in a full-disk encryption solution for a Whitman-owned/managed device -- please contact the WCTS Help Desk or the Information Security Office for a discussion about the options available to you.
** Reminder: modern encryption tools are very powerful. If you lose or forget your decryption key (password) -- the encrypted data is effectively lost. Proceed with caution and understand the potential data loss risks.
To create a new protected container:
Launch the Disk Utility application (located in /Applications/Utilities)
Select Blank Image… from the File → New Image menu
Name the file and select your desired storage location
Enter the name you want to appear when the container is mounted in the Name: field
Enter the desired size of your container in the Size: field
Choose Format: - default is fine
Select Encryption level from dropdown - (use 256 unless; this is large, complex container)
Enter and confirm password for the container
The protected container will be created as a .dmg file and mounted on your desktop.
To mount and use your encrypted container:
Double-click on the .dmg file in the Finder
Enter the container password
The container will automatically mount on your desktop
The container will automatically dismount upon log off.
To disconnect the container/drive letter without logging out:
Drag the container’s desktop icon towards the trash icon
Drop the container icon on the ‘eject’ icon
Encrypted file containers can be moved and used on multiple computers provided both are Macintosh computers.