Privacy Concern

Discussion in 'Mac Basics and Help' started by iMi, Dec 27, 2014.

  1. iMi, Dec 27, 2014
    Last edited: Dec 27, 2014

    iMi macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #1
    How concern should I be about the safety of client data and business files on my computer being repaired by Apple? I dropped the machine off today. Expected Apple to fix it today but parts are needed. They have to keep it for a few days. It occurred to me that all my work email, client information and important files are on that machine (desktop computer) and accessible to anyone at the store with a click of the power button.

    Should I worry about data security and privacy?
     
  2. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #2
    I don’t think there is much to worry about - so long as the issue isn’t HD related. If anything the most they will do with a repair is check to make sure the drive boots the OS normally. As a person that repairs PC’s, we generally don’t care about your personal data - the reliability of a company is based on trust and professionalism. If Apple had a reputation for looking at personal data, we would be hearing about it. We don’t.

    I seriously doubt that your business information is something that a random employee would ever be worried about.
     
  3. iMi thread starter macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #3
    Thanks for the response. You made a good point and it sure is comforting.
     
  4. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #4
    Think about it from this perspective - the only reason that an Apple employee would be interested in your business data would be if they were also working for a direct competitor and they knew you were getting your Mac repaired and they got lucky enough to be assigned to your repair. The odds off all of these happening is rather slim.
     
  5. glenthompson macrumors 68000

    glenthompson

    Joined:
    Apr 27, 2011
    Location:
    Virginia
    #5
    While I wouldn't worry too much about the machine in Apple's hands, you should be far more concerned about client data and security.

    Isn't your Mac password protected? You don't use automatic login do you? Have you enabled FileVault? If the Mac was stolen, what would you say to your clients about their data?
     
  6. iMi thread starter macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #6
    No, but it's the 27" iMac and I work from home. I never thought about it being stolen. Slim chances, I guess. I'll definitely do more when the machine comes back. My laptop is encrypted and password protected.

    The concern isn't about the security of the data in my office. The question was about whether or not I can trust Apple employees working on the machine not to look through the computer while it's being repaired. Besides, I've read they request passwords from customers when the machine goes in for repairs. I was shocked to read that...
     
  7. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #7
    As someone who repairs PC’s for a living it is standard procedure so that we can verify that everything works properly and that we can replicate certain reported problems. Plus it’s the only way to differentiate OS problems VS a corrupt user account that generates the issue.

    We have to diagnose things to make sure that when you get it back, we know it will properly works and you won’t be sending it back a few days later since we couldn’t get into your account to do our checking 100%. We would be remise if we just said “well it looks OK to me" without doing due diligence.

    Trust me, any good repair shop is going to need to get to your account.
     
  8. glenthompson macrumors 68000

    glenthompson

    Joined:
    Apr 27, 2011
    Location:
    Virginia
    #8
    There should be no reason for a hardware repair to need the password. If asked, I would ask to talk to their manager and ask why they are violating basic security protocols. Only person that gets my password is my wife. If they were helping with a software problem then they might need the login but should ask you to login for them.
     
  9. iMi thread starter macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #9
    I agree. They are replacing the screen as it's defective. Shouldn't have the need to go though my files. I didn't think they'd keep the machine (screen had to be ordered) and didn't really plan ahead. Now I'm thinking about all the financial statements, taxes, business files... Just the though of anyone at the store being able to access all this information freely with a click of a button makes me cringe. What actually made me think about it is the language on the form that says they are "not responsible for breach of the data" on my computer... Hmm.

    This thing is getting locked up and password protected as soon as it returns. I never think about it being stolen when it's in my office but it could happen!
     
  10. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #10
    They are not going through your files - that would be highly unprofessional and Apple would never survive the PR backlash. I can guarantee they have a policy that expressly forbids looking at peoples content without prior authorization. They use it to make sure your computer boots normally (so they can say for sure that it’s solely hardware and not some other issue) and give it an clean bill of heath.

    Apple doesn’t care about anybody’s private business records or contacts. They don’t care about your data.
     
  11. iMi thread starter macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #11
    Very reassuring. Thanks for sharing your thoughts on this!
     
  12. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #12
    Put all that stuff on an encrypted disk image. Give it a different password than your account (or any account).

    Then in the future, if you have to give the account password in order to facilitate repairs, the private data on the encrypted disk image will remain private because it's not accessed by the same password, nor is it immediately accessible after booting (like Full Disk Encryption would do).

    Think of the encrypted disk image as a safe in your closet, or a locking file cabinet. If you give someone the key to the house, they still can't get into the safe or file cabinet because it has a separate key or combination.
     
  13. iMi thread starter macrumors 6502a

    iMi

    Joined:
    Sep 13, 2014
    #13
    Brilliant advise! This is exactly what I'll do when the machine comes back. Thanks!
     

Share This Page