Companies are still struggling to dispose safely of
their old PCs and mobile gadgets, with users open to having their
personal details and identities stolen.
A survey by mobile security firm
Pointsec
shows a large number of firms risk their uncleaned hard discs
ending up in the second hand market or going to developing
countries where details might be extracted and sold to identity
theft gangs.
The survey of 330 firms, with over half employing more than
2,000 people, showed that less than half of companies used
professional disposal companies to destroy their old hardware.
The rest chose to sell kit to second hand dealers or to staff,
which often meant the next recipient had access to the old
data.
The survey found that 17% destroy computers or gadgets in-house,
which is arguably the safest approach, as companies can witness
that the right procedure has been followed to adequately destroy
the data, said Pointsec.
Martin Allen, managing director of Pointsec, said, “We’ve all
heard about PCs thrown away in UK council tips that have ended up
in West Africa with local extortionists and opportunists selling
the contents, such as bank account details for less than £20.
“Many corporations can also fall victim to this sort of scam by
selling their old PCs to second hand dealers who often don’t have
the skills or resources to reformat and clean them adequately. We
recommend thoroughly reformatting the hard drive or encrypting the
data on all mobile devices.”
To really make sure sensitive data is destroyed, said Allen,
firms should either smash the hard disc or burn it.
How to mitigate information theft
Read
David Lacey’s
security blog
Read
Stuart King’s
risk management blog
Comment on this article:
computer.weekly@rbi.co.uk