Apple Care: how do you protect your data in case of assistance?

[Squall Strife]

I'm considering buying a 2011 27" Imac (SSD + HDD) that will be my main computer, but there's one important aspect that keep me from pulling the trigger.
Let's suppose that for some malfunctions (let's say the screen or the power supply) I've got to send the Imac to an authorized Apple center...how can I protect all my personal data stored on the HD to prevent that someone at Apple can access it ? I mean, I'm a professional and I do work with my computer so, on my HD I usually store not only personal data but other private stuff of my customers too so, it is vitally important to me to protect their privacy too.
So the question is: what do you do when you send your computer to Apple? Do you format your HD before sending the machine?

(sorry for my english, it's not my first language)

 

[Taz Mangus]

I'm considering buying a 2011 27" Imac (SSD + HDD) that will be my main computer, but there's one important aspect that keep me from pulling the trigger.
Let's suppose that for some malfunctions (let's say the screen or the power supply) I've got to send the Imac to an authorized Apple center...how can I protect all my personal data stored on the HD to prevent that someone at Apple can access it ? I mean, I'm a professional and I do work with my computer so, on my HD I usually store not only personal data but other private stuff of my customers too so, it is vitally important to me to protect their privacy too.
So the question is: what do you do when you send your computer to Apple? Do you format your HD before sending the machine?

(sorry for my english, it's not my first language)

There is a simple solution don't store your valuable personal data on the internal hard drive. Buy yourself two external hard drives, one for time machine backups and one to store your valuable personal information on. This is what I do. So when I have to take the computer into the Apple store I simply disconnect the external hard drives.

 

[John T]

When I sent my old iMac in for service, I simply set up an additional account. Obviously the Service Centre needed a password to get into the machine to work on it. I gave them the password of the account recently created.

 

[aristobrat]

IMO, it's next-to-impossible to protect data on a machine that someone has physical access to.

You could create a second Administrator account, and only give Apple that password, but they could always boot your iMac off of the restore DVD and change the password of your main Administrator account.

If you're serious about protecting your data in general, then you probably already have a backup. In that case, before sending your Mac in for service, you could use Disk Utility to securely erase the entire Mac, reinstall a fresh copy of the OS, and then send it off to Apple. When they return it, restore your data back to the Mac. Using Time Machine and a backup on directly-connected USB drive, that'd be a relatively easy task.

 

[djc6]

I use File Vault to encrypt my data:

http://support.apple.com/kb/HT4790

That way if someone else has physical access to the computer - be in AppleCare, or a thief - they can't access the data.

Also, don't forget to use Time Machine. Pretty much the only thing to fail on my macs has been hard drives over the years. I tend to keep computers a long time, so its not if the HD will fail but when.

 

[Hamilton1963]

I second this advice. You should never save your data on an internal drive anyway, its not safe. I've seen people knocking their head on a wall for loosing all their data.

There is a simple solution don't store your valuable personal data on the internal hard drive. Buy yourself two external hard drives, one for time machine backups and one to store your valuable personal information on. This is what I do. So when I have to take the computer into the Apple store I simply disconnect the external hard drives.

 

[munkery]

Store security sensitive user data in sparse bundle disk images.

See #18 in the "Mac Security Suggestions" link found below in my sig.

 

[John T]

IMO, it's next-to-impossible to protect data on a machine that someone has physical access to.

Very true. However, providing the work is carried out by an approved Apple Service Provider, do people really think that they have the time or the inclination to look at so-called personal data?

 

[Macman45]

Exactly

Very true. However, providing the work is carried out by an approved Apple Service Provider, do people really think that they have the time or the inclination to look at so-called personal data?

Apple are fussy about who they employ. In the unlikely (hopes) event that my iMac or iPad should have to go back, I would pull everything out of keychain, and would feel confident that nobody is likely to hack my personal information.

Since most of it is copyright video music and photo work, they would be in deep if they did...

A little trust goes a long way.

 

[Texran]

If you have a major failure you'll be limited to what you can do, so you've got to be proactive. You may not be able to format for instance.
You should already be employing security with limited, and alternative access for sensitive, and valuable information in the event your unable to access your computer, as well as on and off site backups.
Apple wouldn't want your information to be compromised. The financial, and publicity would hurt even them, which gives me some comfort level.

 

[munkery]

Data in keychain is secure if you move security sensitive items out of your login keychain and into a new keychain that does not remain unlock.

Just make sure that the password for that new keychain is secure to prevent it from being brute forced.

Secure passwords include at least 8 characters with at least one character from lowercase alphabet, uppercase alphabet, numbers, and symbols.

See the "Mac Security Suggestions" link in my sig for more info.