I have multiple Macs (for multiple users) backing up to a single Time Capsule over our network with an external USB drive connected. In the case of the backups saved to the external drive, they're all saved in the drive's root directory.
My Time Capsule is protected with user accounts, and each user has their own account.
I'd like to configure Time Machine such that each user can only see their own backup file on the Time Capsule, not those of other users, when they open the Time Capsule in Finder.
I'm aware that there's an option to encrypt backups in Time Machine setup, but the language around it suggests that the entire disk will be encrypted with a single password; I don't want to do this. I simply want each user to only be able to see their own backup file when they open the Time Capsule in Finder, and I want them to be able to log into the Time Capsule with their own username and password.
Is this the actual functionality of encrypting backups? If not, is there another way I can accomplish this?
Best Answer
Apple tried encrypting each user's files in FileVault 1 and did away with that when FileVault 2 arrived.
The easy/recommended way to do this is make no user an admin so that they cannot get around the prohibition to look at other user files. Also, you will have to physically secure the backup drive or trust that no one breaks the policy to not access that drive.
One easy thing you could do is have each Mac encrypt the backups by ticking that switch to prevent some users from seeing files from another computer but that won't prevent same computer users that are admin and know what to type. The downside there is for several computers managing the passwords becomes onerous to a less than ideal step up in privacy.
I would recommend you set up storage on a Mac mini server and have it serve up Time machine to each Mac so that you can control access better than using TimeCapsule. The performance will go up substantially along with the cost. The setup is fairly easy and there are inexpensive books to guide you if needed. AppleCare also supports server so hat is extremely inexpensive for three years of phone support for enterprise caliber support.