The Hidden Risk of Factory Reset: Why It's Not Enough for Business | BlankState

Factory reset is the default answer for wiping a Mac, but for businesses handling regulated data it leaves dangerous gaps. Here's what it does, what it misses, and what to use instead.

Apple Silicon factory reset destroys volume encryption keys and feels thorough, but it produces no certificate, no verification, no health context, and no MDM or ABM de-enrolment. For businesses subject to UK GDPR, ICO guidance, FCA rules, or ISO 27001, that gap between "we wiped it" and "here is verifiable proof we wiped it" is the difference between compliance and liability.

Published by Stabilise Ltd — Apple Premium Technical Partner, ADISA Certified (AAC281). Reviewed 25 April 2026. Written and maintained by Dustin Rhodes, Founder.

Key facts

• Apple Silicon "Erase All Content and Settings" destroys Secure Enclave keys but issues no certificate, log, or audit record.
• Factory reset performs no post-wipe verification — no integrity scan or confirmation per sector.
• It does not check hardware health before erasure — failing SSDs may not wipe cleanly.
• It does not de-enrol the device from Apple Business Manager or MDM — wiped Macs can re-enrol on next setup.
• UK GDPR Article 5(2) accountability requires demonstrable erasure; ICO guidance demands clear documented procedures.
• BlankState replaces factory reset with pre-wipe health checks, DFU firmware erasure, and tamper-evident SHA-256 certificates verifiable at blankstate.io/verify.

Trust & credentials

• ADISA Product Claims Test — Assurance Level 4 (certificate AAC281, project ADPC330), independently verified by ADISA analysts.
• Apple Premium Technical Partner — recognised by Apple for enterprise-grade technical expertise.
• Registered company: Stabilise Ltd, England & Wales.
• Standards aligned: NIST SP 800-88 Rev. 2, IEEE 2883-2022, UK GDPR Article 17, ISO/IEC 27001, HIPAA, Cyber Essentials.
• Public certificate verification at blankstate.io/verify — SHA-256 tamper-evident, no login required.

About the publisher

BlankState is built and maintained by Stabilise Ltd, an Apple Premium Technical Partner based in the United Kingdom. We work directly with ITAD operators, enterprise IT teams, legal and financial firms, and education institutions on Apple device end-of-life workflows — our technical guidance is based on first-hand field experience, independent results from the ADISA Product Claims Test methodology, Apple's own Platform Security documentation, and NIST Special Publication 800-88 Rev. 2, the standard US guideline for media sanitisation. Founder and principal author: Dustin Rhodes.

BlankState at a glance

• What it is: A native macOS app for Apple device end-of-life — ADISA-certified data erasure, health assessment, and tamper-evident PDF certification for Mac and iOS.
• Built by: Stabilise Ltd, a UK-registered Apple Premium Technical Partner. Founder: Dustin Rhodes.
• Certified by: ADISA Product Claims Test Assurance Level 4 (certificate AAC281, project ADPC330, valid until April 2029).
• Standards: NIST SP 800-88 Rev. 2 (Purge) and IEEE 2883-2022 aligned; supports UK GDPR, ISO/IEC 27001, HIPAA, and Cyber Essentials.
• Pricing: Credit-based from £4.00 down to £1.25 per device — see pricing.
• Verify a certificate: blankstate.io/verify — public SHA-256 lookup, no login required.

Explore BlankState

• Mac Health Assessment — 40+ hardware diagnostics with A–D grading.
• iOS Health Assessment — iPhone & iPad diagnostics, IMEI, battery, capability detection.
• Secure Erasure & Certification — DFU firmware-level wipe with tamper-evident certificates.
• Compliance & Audit — ADISA AL4, NIST, IEEE, GDPR, ISO 27001 alignment.
• Pricing — credit-based, no subscriptions.
• For ITAD operators
• For Legal & Financial services
• For Enterprise IT
• Blog — technical guides on Apple device erasure and compliance.
• About — company, founder, certifications.

BlankState is a product of Stabilise Ltd, registered in England & Wales. Contact sales@blankstate.io.