Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/18/2013
02:01 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Old Data May Create New Risks For Businesses

Shred-it offers tips to help arm businesses against fraud before disposing of old electronic devices

NEW YORK, April 16, 2013 /PRNewswire/ -- When it comes to aging or obsolete hard drives and electronic devices, many companies may not be vigilant enough with information security procedures. Not only should businesses be careful about what goes in the trash bin, they should also consider how to dispose of old electronic devices as they may be a source of potential fraud. Further, while secure disposal of old electronic devices is crucial, it's also important to ensure these items are being recycled. With Earth Day coming up on April 22, now is a perfect time for businesses to take the steps to guarantee that obsolete electronic devices are properly destroyed and recycled.

A recent North American survey asking large and small businesses to share their attitudes, practices and protocols towards data security revealed that 54% of American businesses think that erasing, wiping, reformatting or degaussing old electronic devices was enough to protect their confidential information from being retrieved. Unfortunately, this is not the case. The most effective way to permanently destroy all information is to crush the hard drive or electronic media device.

"In order for businesses to fully protect themselves in today's information-based economy, it is crucial to look at all potential sources of fraud," says Bruce Andrew, Vice President, from Shred-it. "Organizations must think twice before recycling or repurposing old hard drives or electronic media devices to ensure they're not leaving themselves or their customers vulnerable to fraud or identity theft."

The cost of destroying electronic devices is minimal when compared to the consequences if sensitive information is lifted from an old hard drive or electronic media device. To ensure your company doesn't become a victim of this type of fraud, below are some tips to consider:

-- Perform regular clean-outs of storage facilities and avoid stockpiling

unused hard drives and electronic media

-- Create a comprehensive information security strategy and implement

security policies that govern all units of an organization and are

compliant with national identity theft and privacy legislation

-- Regularly review your organization's information security policy to

incorporate new and emerging forms of electronic media and ensure any

policy updates are clearly and regularly communicated to all employees

-- Destroy all unused hard drives and electronic media using a third-party

provider who has a secure chain of custody to ensure your data is being

kept out of the hands of fraudsters

-- Ensure your vendor has well-established recycling and environmental

protocols

-- Consider fully destroying information-storing items such as hard drives

and electronic media devices, including: backup magnetic tapes, floppy

disks, zip drives, CDs or DVDs

About Shred-it

Shred-it is a world-leading information security company providing information destruction services that ensure the security and integrity of our clients'

private information. The company operates 140 service locations in 16 countries worldwide, servicing more than 150,000 global, national and local businesses, including the world's top intelligence and security agencies, more than 500 police forces, 1,500 hospitals, 8,500 bank branches and 1,200 universities and colleges.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8720
PUBLISHED: 2020-08-13
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local access.
CVE-2020-12300
PUBLISHED: 2020-08-13
Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2020-12301
PUBLISHED: 2020-08-13
Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2020-7307
PUBLISHED: 2020-08-13
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
CVE-2020-8679
PUBLISHED: 2020-08-13
Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.