Hi, I am just leaving my company and moving to another soon. Currently, I have a MacBook Air M2 with Sonoma 14.5 (business Apple ID) which belongs to my current employer. However, my employer decided that I could keep the laptop for my personal use after my contract would end with employer next month. What are the best steps to securely and properly delete all data and especially reset the Macbook Air for my personal use and remove all necessary such as hardware reset, etc. Thank you.
This Macbook Air belongs to a company and it is used for business purposes to date with an business Apple ID. I will be leaving the company in September and I will be owning this laptop. So I would like to make sure all business data deleted and reset for personal use only. I do want to have the company to track me and any tools left would show I am not the owner of this laptop.
—–
Alp K.
The big question is: Does the MacBook have MDM installed? Is it "managed" by your company? If it is, it is vitally important that you have your company remove that before you leave. With MDM installed, the laptop will always belong to the company and is not safe for you to use and you could never resell it. It wouldn't be "yours."
Look in System Settings, General, Device Management.
Look in System Settings, General, Sharing, then for Remote Management and Remote Login.
Hold Option and select the Apple Menu, then choose System Information. Look under Software on the left and examine the sections Managed Client and Profiles.
In Terminal, run this command:
sudo profiles show -type enrollment
If it returns anything other than "Error fetching Device Enrollment configuration: Client is not DEP enabled." then you either have MDM or the company can turn it on later.
Ask. Speak to whomever is in charge of IT and ask them if they installed management software on your MacBook. Get a definitive answer.
If any of these indicate that MDM is installed or the MacBook is enrolled in MDM and it can be turned on at any time, then you must have it removed by the company. Only they can do it.
Do all of those steps above. It isn't 100% that you don't have MDM, but if you trust the company to tell you the truth then there's not much more you can do.
Once you are sure that MDM is not there or removed, then I would remove any data you need, like documents and such, from the Mac and store it elsewhere. You'd be erasing everything so you are going to lose any data you have on that Mac.
Then use Erase All Content and Settings in System Settings, General, Transfer or Reset. Then set it up using your own personal Apple ID. During the setup process, pay careful attention to each message, as there may be a warning if the Mac still is enrolled in MDM. So look for that.
Hi Gary, Thank you for the detailed response. It's very helpful!
My company performed a complete wipe of the MacBook today. I'll proceed with the setup shortly and will be vigilant for any MDM-related messages. Once the setup is complete, I'll follow your instructions regarding terminal commands and system settings to double-check for any MDM configurations.