Would you wipe of otherwise "lock" your Macbook before taking it in for routine repairs?

[GanChan]

I may be taking my Macbook to the Apple Store to replace the battery (I'm not sure I want to mess around with it myself). Should I be concerned about data security, since I keep lots of sensitive client/financial stuff on it? I know they'll want my password, etc. I don't particularly mind wiping the drive beforehand, especially since I was thinking about updating the OS anyway. Or I guess I could just encrypt the sensitive folders.... What's your preferred strategy in these situations?

 

[cuwickliffe]

I may be taking my Macbook to the Apple Store to replace the battery (I'm not sure I want to mess around with it myself). Should I be concerned about data security, since I keep lots of sensitive client/financial stuff on it? I know they'll want my password, etc. I don't particularly mind wiping the drive beforehand, especially since I was thinking about updating the OS anyway. Or I guess I could just encrypt the sensitive folders.... What's your preferred strategy in these situations?

If you have concerns, certainly use FileVault and encrypt the drive. Otherwise, I'd turn on the Guest account and let them use that if needed instead of giving our your account password. For a battery replacement, they'll likely use their own diagnostics software to test its functionality, which boots outside your hard drive's contents. They may not even go that far; just making sure the laptop boots once the new battery is installed.

Of course, if you're really concerned, copy the sensitive data off the laptop to a flash drive and keep at home until you get the laptop back.

 

[Audit13]

If your data is really important, I recommend always having a backup. This being said, I would wipe the drive and remove the firmware password before turning in the drive.

 

[Ambrosia7177]

I may be taking my Macbook to the Apple Store to replace the battery (I'm not sure I want to mess around with it myself). Should I be concerned about data security, since I keep lots of sensitive client/financial stuff on it? I know they'll want my password, etc. I don't particularly mind wiping the drive beforehand, especially since I was thinking about updating the OS anyway. Or I guess I could just encrypt the sensitive folders.... What's your preferred strategy in these situations?

HELL YES I WOULD BE WORRIED!!!!

It's the reason I hurried up and bought the last two Retina MacBook Pros with removeable SSDrives...

God help all of us when we own a Mac where you can't remove the hard-drive any more and need service.

You only hope of protecting your data is making sure you have Filevault2 turned on so you have full-disk encryption and (in theory) your data cannot be recovered from your hard-drive.

Obviously, you should make a backup to an external drive as well in case something happened to your Mac. (e.g. damaged, ost, stolen)

Solid-state computers are a bitch!

 

[posguy99]

I may be taking my Macbook to the Apple Store to replace the battery (I'm not sure I want to mess around with it myself). Should I be concerned about data security, since I keep lots of sensitive client/financial stuff on it? I know they'll want my password, etc. I don't particularly mind wiping the drive beforehand, especially since I was thinking about updating the OS anyway. Or I guess I could just encrypt the sensitive folders.... What's your preferred strategy in these situations?

Mine's using FileVault, of course... why isn't yours?

 

[hobowankenobi]

Not such a big deal. May not even log in to verify the battery replacement, but will ask for PW to be able to verify the machine is running correctly, battery is charging and behaving correctly, etc.


1. Make a service account; be sure it has admin access. Give that account info to the tech....so they can't easily get in your account, nor do you have to worry about giving out your current PW to anybody.

2. Be sure you backup, at least your most precious data, if not a full clone.

3. Filevault is great, but if you give the admin PW to your account, that decrypts the drive....so not useful. If you have sensitive stuff, create an encrypted disk image and put it all there. Even if you somebody gets access your account, they can't get yer goodies. Plenty of third party tools to create secure disk images, but DU will do it for free. This is old...but the steps are essentially the same.

I worked for years at an Apple certified repair center, and honestly, techs are too busy to care about people's data...unless they are doing data recovery.

And I can tell you some funny stories about asking folks for their password...and they were unprepared to say it out loud....

But those are not reasons enough NOT to secure anything that you consider sensitive. Wiping the drive is a bit like swatting flies with sledge hammer. If it makes you feel good....ok. But there is no requirement or pressing need just to secure private info.

 

[posguy99]

But those are not reasons enough NOT to secure anything that you consider sensitive. Wiping the drive is a bit like swatting flies with sledge hammer. If it makes you feel good....ok. But there is no requirement or pressing need just to secure private info.

You've *got* to be kidding. What if I (or someone) steal the laptop from you tomorrow? How people can possibly give advice like this in today's world is a complete mystery to me.

 

[hobowankenobi]

You've *got* to be kidding. What if I (or someone) steal the laptop from you tomorrow? How people can possibly give advice like this in today's world is a complete mystery to me.

Then you would get to see a bunch of stuff that I don't really care about you seeing. Everything else would be secured as I mentioned.

But this question wasn't about theft, it was about what to do before taking a machine for a battery swap. Many repairs require a tech to log in and verify a machine is functioning correctly....so yeah, the steps I laid out keep a users data private in this scenario.

If anybody is kidding about anything, it would be the notion that normal users would wipe a drive before they take a machine in for a battery swap. That's actually pretty funny. In decades of IT work, including many years as an Apple certified repair tech, I can say with great confidence that the number of machines that show up for repair with wiped drives, is less than 1%.

Once more for clarity: Filevault has no security value if the password is known. Often service requires an admin password....so FV is literally disabled by logging in. Theft is a different scenario because typically the PW is NOT known.

Feel free to wipe your drive before you take a machine for service, or travel, or whenever you want. Knock yourself out. But suggesting that everybody should do it every time a machine gets a battery swap...that is just silly.
[doublepost=1556207060][/doublepost]

HELL YES I WOULD BE WORRIED!!!!

It's the reason I hurried up and bought the last two Retina MacBook Pros with removeable SSDrives...

God help all of us when we own a Mac where you can't remove the hard-drive any more and need service.

You only hope of protecting your data is making sure you have Filevault2 turned on so you have full-disk encryption and (in theory) your data cannot be recovered from your hard-drive.

Obviously, you should make a backup to an external drive as well in case something happened to your Mac. (e.g. damaged, ost, stolen)

Solid-state computers are a bitch!

Perhaps best intentions, but you are spreading FUD.

The simple answer here is the same, regardless of spinning or solid state drives, removable or not: Consistent, scheduled and redundant backups, and securing sensitive data via drive and/or folder encryption.

This has been the best practice for nearly the entire history of computing, and has not changed with modern storage. If anything, it is easier, more secure, and we have more consumer options than ever before to protect and backup our data.

The only thing that has gotten worse (or harder) is restoring data from SSDs. But, on the other hand, they tend to fail less often than HDs. Overall, less data is being lost on modern SSDs compared to HDs...so while recovery chances are lower....the need to recover data due to hardware failure is lower too.