/
/

Site Navigation

Your Account

Choose Language

Discussion Topic

Options

A bit of an ambitious project

Hi guys! I may be coming back very soon!

Anyway,

Here's my idea,

recently, I've been helping out older folks with their PCs. It's been going well! What I've typically done is get them on windows 10, remove malware, setup UEFI, and get the person acquainted with the new setup. (There's been one major failure on a laptop not booting while setting up UEFI, but I got everything taken care of including all the files. They were still happy)

Now, I would like to try to kind of increase the amount of people who come to me. (So far, Geek Squad is my main competitor I've decided. I've noticed they will charge way too much for way too little.)

I'm not sure how to go about this, and hopefully you guys may have some pointers?

Here's a few questions that I should probably consider:

  • should I charge and if so, how much should I charge? Currently, I'm doing it for free and receiving whatever money they give me out of kindness. (typically I get $20)
  • What Items should I have handy? currently, I am going to receive a 32GB flash drive and USB to SATA and IDE adapter on wednesday. I have a windows 10 installation USB, some thermal paste and a USB 1TB HDD. Any other Items I should have handy?
  • Any software I should have handy? I've found this Read Write Everything software, which could cover most items. Anything else I should have?
  • On the Security of the persons files, when I need to put them on something I own, (file recovery, backup etc.) I will erase them once I am done with the laptop. I use the Gutmann method to erase files. is this secure enough? or should I try to find something more powerful? (that does not involve destroying the disk physically)
  • What issues should I avoid working with?
  • How will I make my "business" known to more people?
  • is this a good idea?

That's it for now.

Thanks!

@oldturkey03 @mayer @theimedic @kyle @luke @danj @pccheese @refectio

UPDATE:

heres a picture of what I use for the secure erase:

Block Image

Reply to discussion Subscribe to discussion

Is this a worthwhile discussion?

Yes No
Score 2
Add a comment

2 Replies

Filter by:
Most Helpful Newest Oldest

Options

So far this is the advice I have for you

Pricing for the client

My advice here is to charge them for the parts needed (RAM, hard drive, external media, etc.) and tack on a fee to purchase them if you select and purchase parts.

I would have 2 pricing structures:

  • Flat rate for a common job
    • Typical job time+ Part cost+additional cost on top of the base price (the base price and added cost are put into a single line)
  • For difficult or complicated jobs WITHOUT a predictable average, hourly rate plus parts.
    • Most techs charge $75/hour, but this varies and some charge less. It depends on the area and tech, but this is the generally accepted hour rate. Charge what you think is ideal for an hourly rate rather then follow an industry baseline if this is too high for you.

What I will do for budget conscious clients is allow them to buy the specified parts and only charge labor. The catch is I'm not responsible for the parts they purchase and make them sign a waiver stating that they have to deal with the manufacturer if something happens (unless it's your fault). Once they arrive, the client arranges a day to do the job.

I've also done some unconventional things like accepting the old hardware in exchange for a discount if the system is being replaced, just to name an example. While I am open to this I only accept it for this if it meets a few requirements I don't budge on:

  • The system is worth enough to bother (at least $100)
  • The hardware needs to be relatively modern (At least Ivy Bridge)
  • No BIOS passwords. No exceptions here whatsoever (even if I KNOW how to remove it).
  • No serious hardware issues
    • Missing hard drives are fine, but I NEED to see the SATA bus works if at all possible.

If you consider it, you will get paid and get a system you can use for yourself or a project. This is one of the ways I acquire hardware for my guides as well, just to name an example. Most of my equipment is acquired this way and what I get depends on the client and area (but I get more laptops then desktops at this point). A lot of this hardware is good but is just a few years old and can still be used. It's usually due to an upgrade rather then a hardware fault.

DO NOT cover parts this way; labor only. There's a chance the system has a hardware issue that's beyond repair, multiple hardware issues or a BIOS password you can't get rid of without hardware or a motherboard (mainly 2010+ Inspirons with the Dalles EEPROM, ThinkPads and ToughBooks). In many cases, these systems are scrap due to the cost to fix it rather then repairing it.

Clients and data

Putting client data on personal media

ONLY do this if you have to... You're assuming liability for their data. Either put it on media they own and authorize you to use or use a drive (USB drive or external hard drive) you buy and bill them for (Cost+acquisition cost). Pay for it in cash and give them the receipt to make warranty easy for the client.

If you must use your own media, DO NOT use personal media. Wipe it to the extent you can after you use it with a full drive erasure at some point as well.

Hard drives and how to deal with each client type

This is how I deal with it; take what you want from here. Base this on the risk factor you want to deal with.

  • Home clients: I typically offer them a choice and let them decide as these systems are generally less of a concern on the client end (on your end, treat them as you would anyone else in terms of security). It largely depends on the client, so offer options. I offer these options to home clients:
    • Drive erasure (No onsite)
    • Drive removal and return (Onsite if needed)

If you get the drive, try and rescue the factory image before erasure. In some cases, OEM's pull the drivers after a certain amount of time so this may be your only option for weird drivers (Ex: HP does this when a system is ~10 years old on the consumer side).

For business clients, the game is different. Treat them accordingly.

  • Standard business clients (no privacy law problems to be concerned with):
    • Drive erasure (Onsite if required, but discouraged)
    • Drive removal and return (Onsite)
      • Most of these clients are likely to want the drive back for security, so learn how to pull it from common Dell, HP and Lenovo business systems.
  • Privacy law clients (doctors, lawyers, etc.):
    • Drive return

Yes, this is my only solution for these clients. I'm not equipped for certified erasure (nor want to deal with the headaches) so it's literally easier for me to pull it and tell them to put it in a safe or something equally as secure. Some of these clients WILL expect you to sign auditing paperwork; note you returned the drive to the client or have them do it. Standard procedures for normal business clients just do not work for these privacy laws.

In order to do certified erasure I CANNOT use ATA Secure Erase; I need to use a tool like Blancco and do a 4kb read test to certify an erasure. I do not want to deal with the cost to do this because it doesn't make sense for the quality you get out of a 3-5 year old hard drive left on 24/7.

How to talk to clients about how well your erasure method works

  • I do not guarantee 100% drive erasure to anyone. Outside of using them for target practice or drilling holes in the platters, this is not possible. I am upfront with clients about this and say this: I cannot guarantee 100% erasure, since it is impossible; retain or destroy the drive for 100% secure disposal. However, the methods I use (ATA Secure Erase and DoD Short) are nearly 100% secure.
    • Be honest and don't sell them on false security. DoD Short uses 3 wipes+blanking, so while it's not the best it is the fastest in terms of balancing time and security.
  • Most hard drives aren't worth salvaging. Many have high hours/power on counts or SMART errors.
    • Most drives that I disqualify have heavy use or SMART problems. Determine what you are willing to tolerate and stick to that standard.
  • DO NOT REUSE THESE DRIVES IN CLIENT SYSTEMS.

Was this reply helpful?

Yes No
Score 2

18 Comments:

So, would you go with the 35-pass Gutmann method or the DoD method?

by

Guttmann isn't relevant really relevant on IDE/SATA drives. It's only really relevant on RLL/MFM drives and is a legacy carryover.

by

It still rewrites random data about 5 times and then 30 patterns, I dont see why it wont work? https://superuser.com/questions/676533/w...

by

Would David's boot and nuke be ideal? seems to be highly suggested on superuser. https://superuser.com/questions/4678/sec...

by

I use DBAN on drives that have buggy ATA Secure Erase or no support at all. Everything else gets ran through ATA Secure Erase.

by

Show 13 more comments

Add a comment
Most Helpful Answer

Options

@captainsnowball

First, Invest in Acronis.

This is your most important CYA tool.

Make a bootable using either a disk or thumb drive

On a customers computer, make a backup image. This preserves exact partition information including data, without sacrificing extra space for sector information (although you can do sector by sector).

Your best secure erase software is "Eraser". You have 40 different secure erase methods to choose from. You can also secure erase files vs the whole disc.

https://eraser.heidi.ie/

USB to SATA is not very efficient, any drive information gets lost in translating between the USB bridge and the SATA interface.

Invest in an older Dell Latitude series laptop with an "ESATA" interface. This is your best tool. The Dell Latitude E5440 supports traditional and UEFI bios.

The single quickest way to back up a hard drive is to take out the customer's SATA hard drive, and plug it into an ESATA dock and use Acronis to make a direct image of it.

You can then safely format and install Windows 10 with UEFI support on the customers hard drive. If Seagate or WD on the customer's side, you can download Acronis free on the customers hard drive afterward. The Acronis can browse and copy files from the image you just created and you can straight copy files from the image to the newly installed Windows 10. Otherwise, just use the Acronis file explorer to extract the files you want to a thumb drive to copy them over.

Was this reply helpful?

Yes No
Score 4

36 Comments:

You can get eSATA capable E Series docks.

by

@avanteguarde now what method should I use to erase?

by

Also, My Gaming PC has a WD HDD. would I be able to download it free then on my laptop? also, here is my SATA adapter that I had bought: http://a.co/cV3xolj

by

@captainsnowball I use either DoD or British to wipe drives.

WD's Acronis here.

by

@nick it has to be an older model E-series laptop. New models do not have the dock connector on the bottom. Instead, new Dell E-Series use a Macintosh style USB-C dock and there is no E-SATA.

The 14" E5440,etc had built in E-SATA ports. The 15" E6540 of the same year started removing built in E-SATA. Later docks also started phasing this out.

by

Show 31 more comments

Add a comment

Join the discussion

Aiden will be eternally grateful.