Tuesday, 19 May 2015 00:00

40% of organizations question the security of old PCs recycling processes

Rate this item
(0 votes)

As revealed in a recent study of Osirium company, UK organizations are not sure that all the data and settings are deleted from devices before disposal.

Corporate devices store various versions of confidential data and access credentials, all of which can be retrieved if desired. Hackers can get network access using the retrieved administrator credentials as well as compromise the data, which can result in a serious personal information leak.

The fact causing concern is that 40% of organizations surveyed are not sure that all data has been deleted, and 7% of organizations in the financial and the retail sectors do not delete the data at all.

"Since the IT-industry moves towards Ethernet and wide-band connections of the 100 GB/sec speed, the need for replacement of routers, firewalls, load balancers, content filtering devices etc. is increasing and becoming more acute," - David Guyatt, CEO Osirium, said. "Some devices can be re-used, while others are good only for trash. In any case, at some point in the update cycle all devices will be at third-party disposal, and, since you can't guarantee or control their final destination, you need to take the appropriate measures. "

Guyatt also shared his personal experience in the matter. He told that Osirium purchased two devices on eBay. The first one was a Juniper SA on which retrievable information including administrator credentials was found. The other device was a Bluecoat Proxy SG, which was configured to use Active Directory. It had not only information about credentials but also data that could allow access to the AD.

Data Recovery Company information: find InfoRecovery data recovery lab in Austin.

Bob Terzi, the analyst and director of Quocirca, is not amazed at this fact. "About 40% of respondents in a recent survey by Quocirca are not sure that they succeed in deleting sensitive data from IT-devices when their operating life expires. Even those who assures to the contrary may delete data insecurely. Simple deletion is not enough; experienced hacker can still recover the data," - he explained. "Only tools of the destruction and / or formatting the drive can ensure that the device can be securely disposed of. This process does not have to present difficulties. Nowadays such technologies are available that automate the process and provide a checking record confirming that the data has been removed."

The guarantees of proper deletion process are required.. It is so important for the reason that if recognized passwords are suddenly identified as administration group credentials, hackers will be able to gain access to other similar devices, and if those credentials are used for devices of different manufacturers, the risk will be even more serious.

"Even if organizations have recourse to IT-assets disposal companies, their data still can be undeleted" - Guyatt continued. "For sure, companies that offer such services are very serious about the deletion and disposal of hard drives, but do they have detailed knowledge of various infrastructure devices so that to know or even not to overlook what needs surely to be deleted? I would tend to doubt it."

Hard Drive Recovery in San Antonio: click here to read more about us

Last modified on Tuesday, 19 May 2015 20:41
Data Recovery Expert

Viktor S., Ph.D. (Electrical/Computer Engineering), was hired by DataRecoup, the international data recovery corporation, in 2012. Promoted to Engineering Senior Manager in 2010 and then to his current position, as C.I.O. of DataRecoup, in 2014. Responsible for the management of critical, high-priority RAID data recovery cases and the application of his expert, comprehensive knowledge in database data retrieval. He is also responsible for planning and implementing SEO/SEM and other internet-based marketing strategies. Currently, Viktor S., Ph.D., is focusing on the further development and expansion of DataRecoup’s major internet marketing campaign for their already successful proprietary software application “Data Recovery for Windows” (an application which he developed).

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.

Get Help Now

Thank you for contacting us.
Your Private Investigator will call you shortly.