Posted on 07-09-2015 11:37 AM
I have noticed that when I push my encryption policy it only encrypts the boot partition. Is there a way for Casper to encrypt multiple partitions?
Also, has anything changed with Boot Camp encryption? Is it still impossible to encrypt the Boot Camp partition?
Posted on 07-16-2015 02:12 PM
@Sobchak FV2 is not Full Disk Encrytion.. but rather Full Volume Encryption.. else the recovery could not be used.
People have encrypted multiple partitions & then added the recovery for each partition into the System.keychain.. neat workaround.. but for me feels flimsy & fwiw I can't find any examples as I type this :(
As to BootCamp.. I think people use "BitLocker"
Posted on 07-16-2015 03:07 PM
Yep. Exactly as @bentoms said. If you encrypted the whole disk you'd never be able to use the recovery partition (which gives you the FV2 login window, which allows you to get into your machine). And if you encrypted the BootCamp partition, there would be no way for Windows to understand the FV2 encryption scheme. So yeah, on the Windows side you would use bitlocker. We use bitlocker for all of our PCs. Not sure if it works properly with the way a mac hard drive gets partitioned when BootCamp is set up but I assume it does.