|
Avid Pro Audio CommunityHow to Join & Post • Community Terms of Use • Help Us Help YouKnowledge Base Search • Community Search • Learn & Support |
#1
|
|||
|
|||
GDPR and Avid's advice to turn off Filevault
Hi Folks,
So GDPR kicks in this month and the company I work for are moving toward ensuring all laptops are encrypted in order to comply with GDPR requirements to ensure data security. For the Macs specifically, that requires enabling Filevault. As we have a number of Apple MacBooks running Pro Tools within the business, this puts us in a bit of a quandry. One one side we've got the requirements of the GDPR regulations to satisfy meaning we have to ensure all corporate laptops are encrypted to protect data (if the macbooks are lost/stolen etc) On the other side, the official Avid advice is to turn off Filevault (see Avid Knowledge Base article - "Mac FileVault and Creative Applications" and the official Avid macOS Optimisation guides) In Avids advice, turning off Filevault is required in order to prevent DAE -9035 errors - but i'm wondering how common are those errors out in the field?? Has anyone experience (good or bad) of having Filevault enabled on a Mac whilst running Pro Tools? Any feedback would be much appreciated! Skip. |
#2
|
||||
|
||||
Re: GDPR and Avid's advice to turn off Filevault
No one knows because none of us have FileVault on. Interesting problem though. Do report back when you find out.
__________________
Nathaniel Reichman Producer/Re-recording Mixer - New York Nathaniel Reichman | IMDB | LinkedIn |
#3
|
||||
|
||||
Re: GDPR and Avid's advice to turn off Filevault
Hi Skip. Welcome to the forum. Good question.
I don't have an answer for you but I'd be interested in knowing too. Not that I use Pro Tools on a laptop anymore but for reasons regarding theft I've encrypted all of my local and remote drives at my location - that is, all but the system drives using FileVault. I've not encountered any more problems than before, since encrypting the data drives, no new performance issues - just the usual ones. No noticeable difference with Pro Tools either when comparing encrypted HFS and APFS partitions. (Though another story: encrypted APFS partitions are more likely to fail definitely, compared to encrypted HFS partitions, if problems occur - due to the less evolved rescue / repair tools made available by both Apple and third party as of yet. Be sure to backup everything.) A modern, or at least an Intel CPU, should have an instruction set called AES-NI (Advanced Encryption Standard New Instructions). Quote:
__________________
Marcel Risberg Production sound and audio post - ljuddesign.se Enthusiastically sharing knowledge and experience at Stockholm Film School. 🛠 Pro Tools Ultimate 2019.10 · HD Native · HD Omni 🎚 EuControl x.x.x · Artist Control · Mix · Control App 🦑 MacPro5,1 · 12C24T @3.46GHz · 48GB · SSDs · macOS 10.13.6 (17G5019) 📺 Separate video playback machine 🥇 Covered by ZDT/TLC · Keeping DAW OS clutter free |
#4
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
Thanks for the couple of responses so far - useful to know its not just me that appreciates the position.
Can anyone else help here or have any suggestions or experience (good or bad) What would be even better, would be for someone from Avid Support to clarify the apparent contradiction between legal GDPR requirements and use of Filevault? I don't believe we can be the only people/company with this concern.... Skip. |
#5
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
I have FV turned on and all my external work drives are encrypted as well. Never had any issues.
__________________
PTHDn 2024.3 (OSX13.6.5), 8x8x8, MacPro 14,8, AJA LHi, SYNC HD, all genlocked via AJA GEN10, 64GB RAM, Xilica Neutrino, Meyersound Acheron |
#6
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
Fox just sent their "Content Security Officer" out this week for a visit - among other things, they're asking all composers/subcontractors to encrypt all external drives that may have Fox content on them. Not too excited about this, but I'll probably be trying to comply soon. Curious what others are doing, and if this is affecting workflow when moving between studios.
__________________
http://www.richbreen.com ---------------------------------------- Mac Studio / Ventura, PT 2023.12.HDX, Avid HD I/Os and Metric Halo ULN8, 3xS1/Dock Also running a Mac Studio Ultra / Ventura / HDX / MTRX / S6 |
#7
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
Quote:
Strong pass phrases are obviously your friend. Makes no sense to use "p@ssw0rd" and for such a drive.
__________________
PTHDn 2024.3 (OSX13.6.5), 8x8x8, MacPro 14,8, AJA LHi, SYNC HD, all genlocked via AJA GEN10, 64GB RAM, Xilica Neutrino, Meyersound Acheron |
#8
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
I hope the studios are looking at password/passphrase management as well.
Password managers can help here with one secure careful password used to protect the password manager (and nothing else) and then the password manager used to generate long random passwords/passphrases. The one I like most is Dashlane. Think through how using filevault will affect your backups and recovery plans and ideally test that. If you are using CCC (highly recommended) to make encrypted boot disk backups follow these instructions https://bombich.com/kb/ccc5/working-...ult-encryption --- Pro Tools disk cache and fast SSDs all help make encryption more practical. Make sure disk cache is set to suitable size. |
#9
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
Quote:
Yeah, I guess I'm wondering specifically about performance hits on large tracking dates; recording say 60 tracks at 96k - wondering if anyone's noticed a performance hit with encryption on vs off... I suppose I'll just have to try it and see how it goes. Also, when delivering a final archive of a project, then how does one deal with password management? Password managers are fine if it's all in house, but if you're passing off the encrypted drive to a studio, do you just hand it to 'em and write the password down on a piece of paper and let them deal with it? I guess so, but it all seems a bit hairbrained to me... Just wondering how others are dealing with this new reality.
__________________
http://www.richbreen.com ---------------------------------------- Mac Studio / Ventura, PT 2023.12.HDX, Avid HD I/Os and Metric Halo ULN8, 3xS1/Dock Also running a Mac Studio Ultra / Ventura / HDX / MTRX / S6 Last edited by Rich Breen; 05-25-2018 at 08:14 AM. |
#10
|
|||
|
|||
Re: GDPR and Avid's advice to turn off Filevault
Quote:
How they want you to deal with that is up to them. Sending content over a secure remote connection or having you copy it to a staging server etc. But if physically leaving encrypted content on removable media then a password manager will help not hurt you... by letting you manage separate unrelated passphrases for each physical drive. And no I would never attach that in plain text to the drive and carry it around. Once the drive is physically delivered to a secure location you can email that random passphrase to them, or carry it to there on your password manager encrypted on your smartphone. Sent from my iPhone using Tapatalk |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
How do you turn off Avid Sign In on 12.5 start up? | monty585 | Pro Tools 12 | 8 | 04-13-2016 05:20 PM |
Avid HD Thunderbolt Core Won't turn on | IBNMusic | Pro Tools HDX & HD Native Systems (Mac) | 0 | 11-10-2015 05:54 PM |
Advice or Avid | Barry Johns | Pro Tools 10 | 1 | 12-11-2011 08:36 PM |
Avid Transfer of Ownership: Turn-around time | sws2h | Pro Tools 10 | 0 | 10-31-2011 06:00 AM |
Will PT9 run with FileVault (Mac OS)? | Alexander K | Pro Tools 9 | 10 | 03-25-2011 07:35 AM |