I have a MacBook Air with a tiny SSD, an external drive for additional storage, and a second external drive to back up both of the other drives using Time Machine. I also use Amazon Glacier for offsite, cloud backups.<p>Is it worth the trouble to encrypt everything?<p>Should I continue to just encrypt certain files, e.g. client files?<p>If I get hit by a bus, how can I ensure that my writing and photographs will be accessible to my family?<p>What do all of you do?<p>Note: I'm not asking about email or other communications, just files on your drives.
I run file vault on my mac, this gives me the peace of mind that if my macbook is stolen or lost I don't have to worry about the sensitive data (generally work related) on it.<p>My personal files such as photos etc are usually on unencrypted usb drives or cloud storage.
A TrueCrypt volume holds sensitive files. One of the files contains a file with all other logins/passwords. Another tiny TC volume contains only a text file containing the first TC volume's password, its physical location and DropBox location (login/password). The 2nd volume's password is sent to multiple friends, who are instructed to give it to selected family members upon proof of my death or incapacitation. The selected family members are given those friends' contact info and physical locations of the 2nd TC volume. (Now that I think about this, I'll also email the 2nd TC volume to the selected family members.)
LUKS on all of my drives - internal and external. I decided a while ago that CPU usage is a small price to pay for having the default be encrypted. And an immediate benefit is that it makes it really easy to wipe the drive.<p>I still consider these files to be relatively insecure (as the volumes are open constantly, and synced across several machines), so any sensitive stuff goes in encfs on top of that.<p>I actually view these staying inaccessible in case of my death as a feature. Anything I care to share should be explicitly published, and everything else should vanish just like the information in my head.
I do not encrypt my entire disk, just the files that need to be.<p>Anything that involves clients, money, or any other sensitive data goes into truecrypt containers.
Rather than use a password manager, I put them in a big text file & run that through openssl (via cygwin). Though it probably isn't best, I use one of my private_key files as the password. The particular command line combination is written on paper in a safe that others have access to.<p>To believe the rest are important to someone else is rather egocentric.
I Do Not encrypt any files. I have a desktop at my home and i never saw need to. Although I don't live in a first world country. So no first world problems.