What is the best option to protect our Laptop?
Because any MacBook Pro in a table can be easily pick up by thieves, and we do have always our current work there (though all backed up, by Dropbox or external HD), my question is
Should we protect the access to our hard drive?
You would probably, if you travel a lot say yes, but
What software should we use to protect our work with a password?
... and, for example, after 3 wrong attempts, maybe erase all folders that we specified without an option to get it back?
Kinda like what iPhone give us in a business environment that we can, remotely, erase all personal data.
Solution 1:
For starters, encrypting your Home folder using FileVault (in the Security Preferences pane) is always a good idea. You might notice a bit of a performance hit (some people say they do, others don't notice a difference), but the tradeoff of additional security can give you some extra peace of mind.
As far as an iPhone-esque "wipe memory after [x] failed login attempts" function, the OS doesn't have anything like that built in, so you'd need to search out a 3rd party solution. I don't have any recommendations offhand for that, but likely someone else here could point you in the right direction.
Solution 2:
Install Prey.
"Prey is a lightweight application that will help you track and find your laptop if it ever gets stolen. It works in all operating systems and not only is it Open Source but also completely free."
Solution 3:
I bought a cable lock that I use whenever I'm not at home and need to step away from my laptop, even if only for a few moments. I lock the screen with password protection and attach the cable lock to the laptop and something that would be difficult if not impossible to move.
Solution 4:
The already mentioned FileVault will certainly help, but it must be coupled with a strong password.
In any case, the FileVault solution sometimes proves to be a problem, as it is known to have inconvenience to some pieces of software. If your intention is to completely wipe the system you have a few alternatives:
1) One would be to use a service like Lojack for Laptops, that has the option to remotely wipe the box. It’s basically has a service that will connect every 15 mins to their server to “check” if the Laptop is ok, if not, it will proceed to do different things (erasing information being one of the options).
2) You could do the above if you have scripting abilities and a webserver that you can upload files to. The basic idea consists in creating a script that will be executed upon boot (using Launchd), that will connect to your webserver and check for the existence of a file. E.g.: www.yourserver.com/mycomputer_erase.txt
If the file is found, then the script can execute a series of commands or something as simple as:
rm -rf /Users/youruser
You can go beyond that and use applescript to perform other tasks, like taking pictures or uploading stuff via ftp or even dropbox.
The concerns about #2 are:
What if I want to know where my laptop is? You can check your webserver logs to see who accessed the file and when.
What if my laptop gets erased before they turn it on or connect it? Well, this is basically not your problem, as you want your data to be erased, not your laptop to be recovered :)
Looking for a solution like #2, I came across this -not so new- post of a guy who did it with a Perl script. The post is from 2006, but it may help you go in the right direction. You can find it here.
In any case, all of the above could be certainly used in conjunction with FileVault.
Finally, make sure you have a backup of your data before experimenting with the scripts (or at least change the ‘rm’ command to something harmless ;)