What is everyone doing for data security?

Discussion in 'MacBook Pro' started by Benchobi1, Dec 10, 2016.

  1. Benchobi1 macrumors newbie

    Joined:
    Dec 10, 2016
    #1
    My old Macbook Pro is needing a replacement. I was hopeful for this model, but the soldered in SSD is a REAL concern. I work for places who are VERY sensitive over their data and some places I work "don't exist". I use my Mac for my personal finances as well.

    So if the computer needs to go out for repair or replacement, what is everyone doing to safeguard their data? I guess the obvious answer is to store everything on external storage; however, at this price point it seems ridiculous to always have to use a plugged in drive to do my work. In the old days I'd remove the hard drive and replace with a fresh one. This is not an option any longer.

    What's your strategy?
     
  2. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #2
    Currently, I have 2 TM backups going and a CCC backup. If I need to take my Mac in for service or replacement, I can wipe the drive and install a new copy of Sierra (I run FileVault) and take to Apple.
     
  3. iizmoo macrumors 6502

    Joined:
    Jan 8, 2014
    #3
    Turn on FileVault, and use a really really long password to unlock the FileVault encryption key. I do not keep the encryption key on iCloud.

    You can also further create an 256 bit encrypt sparse image to store secure files within the encrypted partition. I do that just so I can sync a storage image via Dropbox that has my tax returns and financial stuffs. But then again, I work at places that "do" exists.

    The question really is, if there are state actors involved on the other side, do they have the capability to decrypt your stuffs even with the whole strong passwords and 256-bit encryptions... The average criminal don't, but from the sound of your post, the average criminals might only be the lower third of the threads you're trying to protect against.
     
  4. ssong macrumors 6502a

    ssong

    Joined:
    May 3, 2015
    Location:
    London, UK
    #4
    bumping for interest.

    but to op, I would have assumed that for highly security sensitive companies they would provide you with devices rather than do the usual BYOD? Or do they install lots of stuff and micro manage your device?
     
  5. fatalogic, Dec 10, 2016
    Last edited: Dec 10, 2016

    fatalogic macrumors regular

    fatalogic

    Joined:
    Aug 16, 2016
    #5
    I'd get the smallest built-in ssd and go external. At least if you need to wipe the data you could be certain the drive is really destroyed with an external drive vs trading in the laptop with recoverable information on the drive.
     
  6. Benchobi1 thread starter macrumors newbie

    Joined:
    Dec 10, 2016
    #6
    We're an independent contractor and we work for several high security places. As such, we're expected to provide our own equipment and we're expected to safeguard the client's data. We don't attached to the client's network, but our work generates documentation that can't be let out.

    Of course it's not usually a problem since we do take extreme care. My biggest concern is not necessarily your average thief. I'm more worried about the computer going back to Apple with sensitive data on it. After all, if anyone can access an encrypted drive, it would be Apple.
    --- Post Merged, Dec 10, 2016 ---
    I might just have to suck it up and go this route. It is the most peace of mind.
     
  7. iizmoo macrumors 6502

    Joined:
    Jan 8, 2014
    #7
    They wouldn't be able to access it unless you give the unlocking password or store your encryption key on iCloud where they have a potential to access it. Have you been giving the Apple techs your password?

    FileVault encryption isn't the same thing as all the iphone password unlocking nonsense with the FBI and Apple. It's actually pretty well rounded designed, unless you do something silly like giving people your password, or storing the decryption key on the cloud...
     
  8. i'mnewhere macrumors newbie

    Joined:
    Feb 6, 2012
    #8
    In addition to filevault, you could also use a secure usb dongle to add second factor authentication at login
     

Share This Page