It’s happened to many of us: Our computer no longer functions and it’s beyond our ability to fix it. But we won’t know what needs to be fixed until a computer repair technician takes a look at it.
Before you bring your computer into a repair shop, you need to be aware of the risks to your data stored on your computer:
When you are granting someone access to repair your computer, you are granting them full access to the information that’s stored on it. That means access to passwords, email, pictures, financial records and whatever else you save on your computer that you consider to be private and confidential.
This isn’t a theoretical case of a ‘what if situation’. This happens more often than we realize. A lawsuit was filed against Geek Squad claiming employees comb through personal files and sometimes COPY lewd or other content over to their own personal hard drives. Then there is the case of a Hong Kong movie star who brought in his computer for repair, only to have pictures of him and other Hong Kong actresses leaked to the Internet.
In order for any of this to be effective, you need to be doing items 2 to 5 before a problem with your computer arises.
Here are 5 things you can do to protect your privacy or at least be aware of before you send in your computer to repair:
- What is the policy if your confidential information is exposed as a result of brining the computer
- Will the store take all the necessary steps to make sure your privacy is maintained
2. Remove all of your private information off your computer before bringing it in for repair.
- This includes financial statements, receipts, browser settings, cached passwords, email, pictures, etc.
3. Store your private information on an external drive instead of the main hard drive.
4. Back up your data frequently.
- Always remember to frequently back up your data. If you have to bring your computer in for repair and you haven’t backed up your information, it might be too late.
5. Use encryption software to protect your personal information.
- Encryption software exists that allows you to encrypt portions of your hard drive to prevent unauthorized access to your personal information.
If you can’t trust the computer repair shop, then I recommend this as a final alternative:
Remove your hard drive before bringing it in for repair.
If your problem is not software related you should remove your hard drive. Computer repair shops should have spare hard drives in stock to test with. If your computer won’t turn on, it’s likely the problem isn’t related to the hard drive anyways.
I recently saw a post on Twitter where someone extolled their love for the password manager software they use. They also mentioned the information that was stored in it, the type of information that is the secret sauce to a person’s identity: user names, passwords and banking information.
While I think the use of password management software isn’t entirely a bad idea (as long as you have other defenses in place), I do believe it’s a bad idea announcing WHAT YOU USE to store the recipe for your secret sauce, particularly when it’s on a social networking website, for everyone to see. That’s akin to announcing to the whole world the name and model number of the safe I use at home, what’s stored inside and where it is. But I’m still using a safe, so I’m secure right? No!
Posting critical information like that to a social networking website will make you a likelier target for hackers. It will be easy for them to build a profile of people based on their blog, Twitter and Facebook accounts, then plan a social engineering attack. The attack may come in the form of gaining your trust, then sending you a malicious file for you to execute. A general search of 1Password or Keepass on Twitter, will show you lots of users who are using the software.
While the secret sauce maybe encrypted, if a computer is infected with a trojan horse that has key logging features, the encryption no longer protects you and it becomes a moot point. If you don’t keep your operating system up to date, use anti-virus and a firewall that just makes you even more susceptible to your secret sauce being revealed.
The other question to ask yourself is, where do you store this information? Is that encrypted file on a laptop or desktop? What if the laptop is lost or stolen? Hopefully there is a back up. And a back up of that back up.
Rule of thumb: The more information you reveal about your computer’s defenses, the more vulnerable you become.
What concerns me, is how easily this lack of knowledge is spread via Twitter, and it will give people who aren’t as technically savvy, the wrong idea. I can guarante a lot of people will try out the password manager but forget to do everything else, like update their browser, anti-virus, operating system and install a firewall. If that’s the case, they will have all their eggs in one basket, and be ripe for the picking.
A woman had her laptop stolen from her while she was visiting a hospital in Toronto. She had over 1600+ images stored on her laptop of her daughter who had passed away a while ago. The police recovered the laptop but unfortunately the system was wiped clean.
Luckily a local data recovery service was able to retrieve her pictures for her, at no cost. Those services usually cost an arm and a leg just to get your data back.
Read more about why you should back up your data…