Apple Time Capsule Security Concerns

Shikkaka · 17 Apr 2015 at 08:38

Morning all,

I'm considering purchasing an Apple Time Capsule as a backup device for the Design team at my work place. My understanding is that it creates it's own wireless access point which the Time Machine application on each device points to.

Can anyone explain the security implications of having this sort of device in a corporate environment? The company are very wary of rogue access points being set up along side the company network.

Ideally I'd like to put this suggestion forward as a company standard for offices with Apple devices.

Thanks

b0rn2sk8 · 18 Apr 2015 at 02:37

It is really a consumer product, its fine for backing up little Jimmy's MP3's, but I wouldn't take my business anywhere near it.

There are much better solutions out there which I'm sure someone will come along soon and recommend one.

lamboman · 19 Apr 2015 at 19:20

Think of it as being a wireless router with a built-in hard drive and AFP sharing capabilities...because that's exactly what it is. No different to any other router (including the AirPort Extreme) with an external hard drive plugged in. Security implications aren't really going to differ compared to a network share hosted by a server or whatever.

My recommendations overall would be:

Do NOT get a Time Capsule. For multiple machines I'd be looking at a Mac mini to run as a backup server along with a decent RAID 1/5/6 enclosure. Far more costly, however losing data is even more expensive.
Do NOT consider running anything other than a officially supported solution. Far too many people have found all kinds of weirdness happen running Netatalk on Linux boxes and whatnot for this (I've done it for my two Macs and with consistency after around two weeks I end up with corrupt sparsebundles).
DO feel free to consider other backup solutions, however it can almost be guaranteed that Time Machine is going to be the least hassle and works very well indeed (and you can of course encrypt backups). Out of all contenders for "it works out of the box", Time Machine with a supported solution (Mac OS X Server, Time Capsule or external drive) works very reliably, it's just a case of picking one of those depending on the scale of the project (number of machines, amount of data being dealt with).
Stick with wired connections. I don't remember it happening with the Mac server, however backups stopping half way through when there is heavy activity and failing has been a frequent occurrence with all the unsupported configurations I have tried.

To summarise the above, either external drives for each machine or a Mac mini Server across wired connections (though wireless may work, big backups hourly on multiple machines is just going to end up with poor performance). And that last sentence can be taken as "Mac mini server". Multiple external drives is a bit non-sensical.

Speaking from experience (in a home environment, but it'd be exactly the same for a work environment as OS X Server is OS X Server) the Mac mini server solution is the best way to go, and is dead easy to setup and manage. £1000 for such a solution to protect a business in the long run is, figuratively speaking, pennies.

Then there are all the other advantages if you're running an all-Apple environment, though those can be found on the Apple website with ease.

Caged · 19 Apr 2015 at 19:44

There are a million options for client machine backup that are designed for corporate use, why you would use something that gives you no central reporting on the backup state of clients and no ability to ship backups offsite / replicate to another site I would have no idea.

Sell it on and chalk it up to experience, then buy a corporate Backblaze subscription. Or spin up a CrashPlan PROe server behind your firewall if it's sensitive data.