Client Security – Part 3 – Remote Wipe

Hi all. Welcome to the final part of my blog series on client security for end users. This final time I will be discussing the final measure, remote wiping a device.

As before, this is geared more towards your average end-user rather than IT administrators, but it may provide you with ideas for your own end users.

The usual Disclaimer:

While the author has taken care to provide our readers with accurate information, please use your discretion before acting upon information based on the blog post. Amsys will not compensate you in any way whatsoever if you ever happen to suffer a loss/inconvenience/damage because of/while making use of information in this blog.

Secondary Disclaimer:

A lot of the items recommended in this series involve making your Mac more secure. A secondary result of this is that your data will be harder to recover if things should go wrong. Please ensure you have a full, all encompassing and tested (!) backup of your data before attempting these recommendations or you could find yourself locked out of your data!

This is certain with remote wipe (hence the name!).

Remote Wipe

Remote wipe is an extension of Apple’s iCloud, cloud-based services that originally started on its iPhone and iPad range before becoming available on Mac OS X 10.8 machines.

As the name suggests, remote wipe allows you to send a command to your Mac OS X computer and instruct it wipe its own data. The next time your ‘missing’ Mac gets an Internet connection, it’ll kill power, reboot and start the wiping process.

Is there not something else I can do?

Yes. As with Remote Wipe, Apple have transferred over the Remote Lock functionality from their iOS devices. One click of the Remote Lock option and you’ll be asked for a four-digit code. Once your missing Mac gets an Internet connection, it’ll kill all power, and reboot to a screen asking for those same four-digits. You can reboot the computer but it will only boot to this screen or the recovery partition (only letting you erase the Hard Drive). You can’t boot to another Hard Drive or to the network. You can’t even boot to Target Disk mode. However, a knowing engineer can still remove your Hard Drive and access the data that way.

Okay, I need to do it, but how?

Firstly, you need to have already done some preparation work. You’ll need to have iCloud setup on your Mac, along with “Find My Mac” enabled. A brand new 10.8 Mac will talk you through this as part of the initial setup assistant.
Once complete (and after your Mac has gone missing), you will need to get your hands on another Internet connected device.
1. Open a web browser and log onto https://www.icloud.com.
2. Sign in and click on “Find my iPhone” (ignore the name).
3. You will now be shown a Map with each of your ‘Find My device’ devices shown.
4. Select the device you wish to wipe and click the blue information icon or lock or select “Devices” from the top left menu and click your device.

os x client secuirty remote wipe

5. Finally, click “Erase Mac” or “Lock”. You will be asked to provide a four-digit code and to confirm.
6. If you chose “Lock”, your Mac will lock it’s self when it next gets an Internet connection, as described above. If you chose “Erase Mac”, your Mac will start to erase it’s self when it next gets an Internet connection.

Summary

And there you have it. Three blogs on ways to protect your Mac and the data it holds, including the ultimate deterrent, full erase.

Thanks for reading and again, I hope this at least proved to be some use.

Further reading

Apple – “iCloud: Erase your device remotely”

Leave a Reply

Your email address will not be published. Required fields are marked *