Helping people with computers... one answer at a time.
When sending your computer out for repair, you're handing over everything on it, including your data. Options for remaining secure are limited.
How does one secure their hard drive while sending the computer to a repair facility? I have personal financial information on my hard drive and will just a password provide sufficient protection while the computer is in the shop?
•
What you've presented is actually quite a dilemma. The problem is that there's really no fool-proof solution to your scenario. In fact, I've heard of companies occasionally not repairing hard drives because it might mean that sensitive data might be visible to the repair technicians.
Your options are limited, but if you can plan ahead for it there's a chance.
•
The problem is that handing your computer over to a technician for repair violates one of the fundamental principals of security: if 's not physically secure, it's not secure.
Handing your computer to someone else is fundamentally insecure.
In a sense, it boils down to trust. In an ideal world, you would have a totally trustworthy technician working on your machine. In the real world, we've all heard of data being stolen by folks with access to your machine.
So what to do?
The only secure solution is to encrypt your data. You might opt for whole-disk encryption, but that might well thwart the technicians ability to fix your machine, since he'll need access to deal with any software issues.
The more practical solution might be to create an encrypted volume using a tool like TrueCrypt and place all of your sensitive information therein. Leave that volume password protected, and unmounted by default, and the technician can work on your machine without being able to access your financial information.
The problem may well be this: you need a working machine to set that up. If your machine is so broken that you can't set that up, then you're stuck. It's really something you probably want to set up ahead of time.
If the problem you're having the technician look into is not hard disk related, one option might be to remove the hard disk while he works on your machine. He (or you) would no doubt need to provide a temporary hard disk so he can work on your machine, but at least that wouldn't have your data on it. When you get the machine back you replace your hard drive and hopefully all is well.
The problem is that any password protection you might put on your files, short of actually encrypting them with a tool like TrueCrypt or AxCrypt (a file by file encrypter) is likely to be easily broken. That includes login passwords and Windows own built-in filesystem security features.
Short of that, unless readers have additional suggestions, it boils down to trust.
Choose your technician wisely.
Article C3630 - January 29, 2009
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
This is basically Jim's ans above but with a twist. It seems to me that the simplest way is to put your sensitive data on an external drive. With your data there it doesn't matter what happens to your computer. Basically, you don't worry about sensitive data on your computer because it never was on your computer in the first place. BTW, I just got a 1TB drive for under $130.
06-Feb-2009
I'm glad that there are others that have taken the words right out of my mouth. Always do you best to learn how to keep your pants at your waistline and not at your knees. LOL Shawn Patrick from Toronto, Canada
Posted by: Shawn Patrick at February 4, 2009 3:47 PMWhen I get a new computer or install a new HDD, the the first thing is to make an image of the HDD with Acronis True Image to external media. Then make regular image backups. Before turning the computer over to someone else, Wipe the HDD and put the orignal image back on it.
Posted by: L. O'Neal at February 8, 2009 12:50 AMSome very good suggestions. Thanks. However one of my concerns, not covered, is how to securely lockdown one's email client prior to handing over the computer? Seems to me that email itself often contains a huge amount of personal data. Mine sure does. Password protection of the app is sometimes possible, but useless, as so easily broken.
Just a word here too about the security passwords built into laptops. These provide very good protection, too good, as I found out to my lasting regret when I spilt a BIT of water onto the k'board. Some of the keys shorted and I was no longer able to enter a part of my password, so was permanently locked out of my laptop. An external USB keyboard of course was no help at all. These passwords are so built-in esp. the SVP which I believe resides in a hidden chip on the m'board, that you're hosed if you forget them or have a disaster like mine. Seems there's no password unlocking utilty around that can recover them. Well I certainly hadn't forgotten mine. So be warned!
If anyone's got any lateral thinking on a solution for this, other than a new MB, please reply.
15-Mar-2009
Hi
Thanking Leo.
Regarding this problem how a technicine is going to repair your computer if the hard disk is empty ?
I was rather thinking of a deontological protection.
06-Apr-2009