Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Privacy Concern

I

iMi

Suspended
Original poster
Sep 13, 2014
1,624
3,201
How concern should I be about the safety of client data and business files on my computer being repaired by Apple? I dropped the machine off today. Expected Apple to fix it today but parts are needed. They have to keep it for a few days. It occurred to me that all my work email, client information and important files are on that machine (desktop computer) and accessible to anyone at the store with a click of the power button.

Should I worry about data security and privacy?
 
Last edited:
I don’t think there is much to worry about - so long as the issue isn’t HD related. If anything the most they will do with a repair is check to make sure the drive boots the OS normally. As a person that repairs PC’s, we generally don’t care about your personal data - the reliability of a company is based on trust and professionalism. If Apple had a reputation for looking at personal data, we would be hearing about it. We don’t.

I seriously doubt that your business information is something that a random employee would ever be worried about.
 
pdjudd said:
I don’t think there is much to worry about - so long as the issue isn’t HD related. If anything the most they will do with a repair is check to make sure the drive boots the OS normally. As a person that repairs PC’s, we generally don’t care about your personal data - the reliability of a company is based on trust and professionalism. If Apple had a reputation for looking at personal data, we would be hearing about it. We don’t.

I seriously doubt that your business information is something that a random employee would ever be worried about.
Click to expand...

Thanks for the response. You made a good point and it sure is comforting.
 
Think about it from this perspective - the only reason that an Apple employee would be interested in your business data would be if they were also working for a direct competitor and they knew you were getting your Mac repaired and they got lucky enough to be assigned to your repair. The odds off all of these happening is rather slim.
 
iMi said:
. . . It occurred to me that all my work email, client information and important files are on that machine (desktop computer) and accessible to anyone at the store with a click of the power button.

Should I worry about data security and privacy?
Click to expand...

While I wouldn't worry too much about the machine in Apple's hands, you should be far more concerned about client data and security.

Isn't your Mac password protected? You don't use automatic login do you? Have you enabled FileVault? If the Mac was stolen, what would you say to your clients about their data?
 
glenthompson said:
While I wouldn't worry too much about the machine in Apple's hands, you should be far more concerned about client data and security.

Isn't your Mac password protected? You don't use automatic login do you? Have you enabled FileVault? If the Mac was stolen, what would you say to your clients about their data?
Click to expand...

No, but it's the 27" iMac and I work from home. I never thought about it being stolen. Slim chances, I guess. I'll definitely do more when the machine comes back. My laptop is encrypted and password protected.

The concern isn't about the security of the data in my office. The question was about whether or not I can trust Apple employees working on the machine not to look through the computer while it's being repaired. Besides, I've read they request passwords from customers when the machine goes in for repairs. I was shocked to read that...
 
iMi said:
I was shocked to read that...
Click to expand...

As someone who repairs PC’s for a living it is standard procedure so that we can verify that everything works properly and that we can replicate certain reported problems. Plus it’s the only way to differentiate OS problems VS a corrupt user account that generates the issue.

We have to diagnose things to make sure that when you get it back, we know it will properly works and you won’t be sending it back a few days later since we couldn’t get into your account to do our checking 100%. We would be remise if we just said “well it looks OK to me" without doing due diligence.

Trust me, any good repair shop is going to need to get to your account.
 
iMi said:
No, but it's the 27" iMac and I work from home. I never thought about it being stolen. Slim chances, I guess. I'll definitely do more when the machine comes back. My laptop is encrypted and password protected.

The concern isn't about the security of the data in my office. The question was about whether or not I can trust Apple employees working on the machine not to look through the computer while it's being repaired. Besides, I've read they request passwords from customers when the machine goes in for repairs. I was shocked to read that...
Click to expand...

There should be no reason for a hardware repair to need the password. If asked, I would ask to talk to their manager and ask why they are violating basic security protocols. Only person that gets my password is my wife. If they were helping with a software problem then they might need the login but should ask you to login for them.
 
glenthompson said:
There should be no reason for a hardware repair to need the password. If asked, I would ask to talk to their manager and ask why they are violating basic security protocols. Only person that gets my password is my wife. If they were helping with a software problem then they might need the login but should ask you to login for them.
Click to expand...

I agree. They are replacing the screen as it's defective. Shouldn't have the need to go though my files. I didn't think they'd keep the machine (screen had to be ordered) and didn't really plan ahead. Now I'm thinking about all the financial statements, taxes, business files... Just the though of anyone at the store being able to access all this information freely with a click of a button makes me cringe. What actually made me think about it is the language on the form that says they are "not responsible for breach of the data" on my computer... Hmm.

This thing is getting locked up and password protected as soon as it returns. I never think about it being stolen when it's in my office but it could happen!
 
iMi said:
I agree. They are replacing the screen as it's defective. Shouldn't have the need to go though my files.
Click to expand...

They are not going through your files - that would be highly unprofessional and Apple would never survive the PR backlash. I can guarantee they have a policy that expressly forbids looking at peoples content without prior authorization. They use it to make sure your computer boots normally (so they can say for sure that it’s solely hardware and not some other issue) and give it an clean bill of heath.

Apple doesn’t care about anybody’s private business records or contacts. They don’t care about your data.
 
pdjudd said:
They are not going through your files - that would be highly unprofessional and Apple would never survive the PR backlash. I can guarantee they have a policy that expressly forbids looking at peoples content without prior authorization. They use it to make sure your computer boots normally (so they can say for sure that it’s solely hardware and not some other issue) and give it an clean bill of heath.

Apple doesn’t care about anybody’s private business records or contacts. They don’t care about your data.
Click to expand...

Very reassuring. Thanks for sharing your thoughts on this!
 
iMi said:
I agree. They are replacing the screen as it's defective. Shouldn't have the need to go though my files. I didn't think they'd keep the machine (screen had to be ordered) and didn't really plan ahead. Now I'm thinking about all the financial statements, taxes, business files... Just the though of anyone at the store being able to access all this information freely with a click of a button makes me cringe. What actually made me think about it is the language on the form that says they are "not responsible for breach of the data" on my computer... Hmm.

This thing is getting locked up and password protected as soon as it returns. I never think about it being stolen when it's in my office but it could happen!
Click to expand...
Put all that stuff on an encrypted disk image. Give it a different password than your account (or any account).

Then in the future, if you have to give the account password in order to facilitate repairs, the private data on the encrypted disk image will remain private because it's not accessed by the same password, nor is it immediately accessible after booting (like Full Disk Encryption would do).

Think of the encrypted disk image as a safe in your closet, or a locking file cabinet. If you give someone the key to the house, they still can't get into the safe or file cabinet because it has a separate key or combination.
 
chown33 said:
Put all that stuff on an encrypted disk image. Give it a different password than your account (or any account).

Then in the future, if you have to give the account password in order to facilitate repairs, the private data on the encrypted disk image will remain private because it's not accessed by the same password, nor is it immediately accessible after booting (like Full Disk Encryption would do).

Think of the encrypted disk image as a safe in your closet, or a locking file cabinet. If you give someone the key to the house, they still can't get into the safe or file cabinet because it has a separate key or combination.
Click to expand...

Brilliant advise! This is exactly what I'll do when the machine comes back. Thanks!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back