I’ve been using my employer-supplied computer—it’s a MacBook Pro—for both work and personal documents. The company allows it, but I’ve become increasingly uncomfortable with this. It’s bad personal security.
So how do I separate work documents from personal documents, while continuing to maintain easy access to everything?
Ideally I’d like to continue using one MacBook for everything.
And I also want to access all my Obsidian documents on the Mac, iPad, and iPhone.
Alternatives:
Store personal documents on a separate MacBook or external storage, accessible over home network. That gets me access to all documents on one Mac, but I don’t think I’d be able to access all documents from the iPad. Would I? And would I need to maintain separate vaults for work and personal documents?
Another solution would be to simply encrypt a folder for personal stuff, within my Obsidian vault. However, that might break linking, and I don’t think I’d be able to access those documents from my iPad, would I?
Here’s a third option, and I think it might work: Maintain two vaults. Sync using the Obsidian sync service. Both vaults are available on my personal MacBook and iPad. Only the work vault is synced to the work MacBook. If I need to access the personal vault from the work MacBook—which is actually how I’d access that vault most of the time—I do it over my home network. Would this work?
th reason why I mentioned 2 accounts is you could then also have work and personal calendars, work and personal email, work and personal address books, etc. Many companies don’t want those mixed for security. It also makes backups a bit more granular.
@BarryPorter13 I already have personal and work emails and calendars. I spent most of my career working in a volatile industry where I changed jobs every few years, so it was a necessity.
@Dor I presume so—and if they do, and I encrypt my personal data on the computer, then they will find a great big wodge of encrypted data.
To be clear, I quite like my job and the company I work for. But good security practice requires planning for the worst-case scenario, and I hav been slacking in that regard recently.
I think (as I haven’t tried and tested) this should be possible with the single vault. I personally prefer single vault system.
The primary requirement of my suggested solution is to have two directories in your vault root - Personal and Work. You may further want to create subdirectories for Assets and other stuff.
Under Work directory you may further create a company wise directories. It keeps everything separate at company level considering future job switches.
Below is visual representation of the proposed structure.
Vault
dashboard.md
Personal
Assets
Work
Company A
Assets
Company B
Assets
Now comes the syncing part. Let’s assume you’re okay having all work directories on your personal machine. You setup your vault with the above structure. You can setup to sync your entire vault with the Google Drive or whatever else you want. I use Google Drive to back up my vault.
On your Company A machine, manually create a root vault directory. Selectively sync .obsidian and Work/Company A directory from Google Drive under your manually created root directory. This will sync all your plug-ins and Metadata of your entire vault plus your assets and notes of the Company A.
The broader idea is to use folders to create physical boundaries. Selectively sync using Google Drive like services.
You may want to check the graph data on your work machine. It would show your personal notes connections but those links won’t be accessible as they won’t exist physically on your work machines. And, you’re okay with it.
That is helpful—but I don’t think I could access personal documents over the network from the work computer. Could I? And could I access both work and personal docs from my iPad?
Correct—I do not want to store personal information on my work machine. But I want to be able to access it remotely on my home-office network from the work machine.