Studies Show Hard Drive Security Has Never Been More Important
“In this world nothing can be said to be certain, except death and taxes” – and cybercrime.
Cybercrime and the cost of data breach have become permanent risk factors today for all size organisations.
In the Cybercrime Global Economic Crime Survey 2016 by PwC, cybercrime rose from 4th to 2nd place on the most-reported types of economic crime list. Reputational damage was the most damaging impact followed by legal, investment, and/or enforcement costs.
There’s now a concern that the mobile workforce will increase data security vulnerabilities – and challenges – even more. In response, organisations are increasingly implementing robust digital data protection policies such as hard drive destruction of any obsolete technology.
More workers than ever are using laptops, smart phones, USB sticks (flash drives) and other devices outside of the traditional office environment. 95% of C-Suites and 55% of SMEs now say their employees use some form of flexible or offsite working model.
How can an organisation better protect its digital data?
- Create a culture of security throughout the organisation so that security is second nature for everyone.
- Participate in threat-sharing programmes – the Cost of Data Breach report showed that this could reduce the cost of a data breach.
- Limit the type of documents that can be removed from the office.
- Utilise firewalls, use encryption, and activate passwords on all devices.
- Access other data loss prevention controls such as endpoint security solutions (this also reduced the cost of a data breach in the Ponemon study).
- Incorporate all new forms of electronic media into the organisation’s information security policy.
TRAINING: HOW TO SECURE CONFIDENTIAL INFORMATION
- Schedule ongoing training so employees understand best practices for protecting digital confidential information.
- Provide specific training to the mobile workforce. Best practices include not leaving mobile devices and USB sticks in vehicles, hotels, coffee shops, etc., using secured networks, protecting passwords, locking devices, and being mindful of apps installed.
PHYSICAL SECURITY (OFFICE) AND CLEAN DESK POLICY
- Regularly clean out storage facilities so that obsolete electronic devices are not stockpiled. Even if devices are wiped or information is deleted, special software can be used to recover data.
- Protect visible information on screens from passers-by.
- Implement a Clean Desk Policy.
- Turn off computers when finished using them – otherwise, they’re connected to the Internet and are vulnerable.
- Before securely destroying hard drives, back up data and transfer files.
- Destroy all unused hard drives using a third-party provider that has a secure chain of custody and confirms destruction.
Destroying obsolete hard drives does not mean that materials cannot be recycled too. A best-in-class information security partner will provide secure recycling too.