Somebody stole my iMacPublished Friday, 13th September, 2019
Sometime between the hours of 6pm on September 10th and 7:30am on September 11th, my iMac was stolen from my place of work. It was an unimpressive but effective break-in: a brick through the window, the computer under their arm, and out into the London air.
The hours that followed my discovery were filled with the tedious task of both damage limitation – 'what was on my computer that might compromise my security if somebody were able to access it?' – and setting up a new machine.
For both my own future reference and anybody else that might be searching "what to do when Mac stolen" then here are the steps I took both in attempting to secure the old, stolen machine and in setting up the new one.
To secure yourself after finding your device stolen:
Attempt to find the device using 'Find My...'
I don't think the thieves will be silly enough to let the computer connect to the internet; on the off chance they do, the Mac will begin the process of erasing itself and ping me its location. Apple have a guide on how to use Find My Mac on their website. If you haven't set this up yet, do it now.
Consider changing some of your passwords
If you use Apple devices, change your Apple ID password. Although the hard drive of the iMac in question was encrypted and I am therefore confident the thieves will be unable to extract data from it, I changed the passwords for anything that opens automatically when signing into my computer as an additional measure of security. Slack, email, even my password manager.
When setting up a new machine:
Turn on Location Services and sign into iCloud so that you can view all of your devices in 'Find My X'
As I've already said, I don't believe this will help me retrieve the device but it's a handy option to have. You'll also have the serial numbers stored in your Apple account which might be needed for purposes of law enforcement and insurance. You don't have to synchronise all of your data, either. In the settings menu, you can opt to just turn on Find My Mac.
Turn on FileVault
FileVault secures the data on your hard drive by encrypting it on-the-fly. It means that if someone were to plug my hard drive into another machine, they won't be able to do much with what's on there without the recovery key. You should store the key away from the machine in question. I keep a copy of all my encryption keys in the safest place I can think of, a Safe Deposit box in a central London bank. I'm not even joking.
Set a firmware password
A firmware password is different from the password you use to log in to your device. A firmware password prevents people from starting up from any disk other than the designated startup disk. This means the £1.5k computer they're trying to tinker with is now only worth its parts. Carefully follow Apple's guide to set up a firmware password.
Download and restore your old data
Let me say this really clearly: If you don't have a secure off-site back-up of your data, you're a fucking idiot. Backblaze creates cloud-based backups of your entire machine with optional encryption for just $6 a month. No storage limit, no catches. I restored my stolen iMac in mere minutes. I was back up and running in under 4 hours.
Reassess your workflow
Since the theft, I've opted to use Dropbox's Smart Sync tool to handle design files. I'm also opting to extend my personal rule to work in the cloud with tools that both enhance my security and guard my privacy further than my personal devices and onto the one I spend most of my time on.
It's never nice to find out you've been the victim of theft, especially if it happens to property that's personally yours rather than property that belongs to the company you work for. Hopefully you have insurance and are able to find the silver lining – this might be the excuse you need to redesign the way you work.