For 2014 I’ve decided that I’m going to be much more security conscious.
A couple years ago in search of better push support on iDevices (eg iPhone), I switched from my self-hosted exchange solution to iCloud for all my email. I now have all my email addresses forwarded to iCloud.
- E-mail is all stored (forever?) on Apple’s servers.
- The Spam filtering sucks.
- ‘Private’ e-mails are coming over iCloud and being archived with all my other mail (I archive my general mail).
- Host e-mail on self-hosted (mac mini) Apple OSX Server. (All current e-mail will be forwarded).
- PGP on all iDevices and laptops/computers.
- S/MIME on all iDevices and laptops/computers.
- (todo) Spam Filtering (potentially with DSPAM).
- (todo) Setup a small encrypted mail server (Dovecot + postfix + DSPAM
Sync and Backup
Between photos, music, desktop backgrounds, application preferences, etc there is lots of stuff that needs to be sync’d these days. In the past I used a combination of many things including iCloud, DropBox, and bittorrentsync.
- DropBox has size limitations (with free version…).
- DropBox and iCloud are centralized.
- Important files need to be backed up with some sort of versioning incase something is accidentally deleted or corrupted.
- Sensitive files need to be encrypted and backed up.
- iCloud sync for all non-sensitive application data (for any apps that support it).
- BTSync for everything else.
- Important and Sensitive documents will also be backed up to Synology NAS unit that does versioning incase of accidents. This also provides a fast mirror of all content.
- Large aperture library will also be backed up to the NAS using BTSync.
- Sensitive data encrypted with EncFS then Sync’d and backed up using BTSync.
- Desktop backgrounds sync with BTSync.
- Music and TV is stored on the Synology NAS and streamed via Subsonic (music), Plex (TV/Music), and Synology’s Audio/Video stations.
- KyPass Companion (stored in iCloud) for syncing KeePass password database. (This also integrates with google chrome, I use it instead of google chrome’s password manager).
- Use a password manager, separate passwords for everything.
- Use strong passwords (since you’re using a password manager, this shouldn’t make any difference when logging in since you’re not typing passwords anyways).
- Downloads, Files in work, etc all go into sync’d directories now. Nothing should only be stored locally.
- Media (Music/TV) should all be streamed, no more storing content locally.
- Use PGP or SMIME as often as possible. Be careful with private keys (I store them in a TrueCrypt volume to make it easy to share between machines).
- Do a clean install of OS X every now and again. Do it even more frequently if you’re downloading random stuff.