However, companies are often in such a rush to expand that they dont put sufficient thought into their policies for managing the risks associated with decommissioning such devices.
This creates a problem with data leakage. The uncontrolled transfer of a firms data to unauthorized individuals presents a major enterprise security hole. Notebooks and PCs have data. USB drives have data. Even cell phones have contact lists, with newer phones storing text messages, emails, and proprietary files.
Groups need to investigate how to securely remove data from these systems before these units move beyond their control. As Oliver North found out in the Iran-Contra affair years ago, using an operating systems delete command to remove files typically doesnt destroy all the data. In some cases, the file is flagged for deletion yet remains in either a waste bin or system folder. The data can remain until the formerly allocated space is re-used.
The Ghost in the Machine
While we fret over external leakage, even the uncontrolled movement of data within a firm can be detrimental. Imagine a person getting access to sensitive data because they receive a thumb drive that used to belong to a VP, or salary data from a PC that HR used to use. Many groups recognize this and re-image drives, or do a secure wipe before re-using equipment.
Often, it's the devices that are going to be thrown out, sold, or donated that don't have effective controls especially the mobile devices, such as PDAs and cell phones. Organizations should review risks and determine what policies and procedures they need to safeguard company information.
Part of this must include deciding what is good enough." In other words, management teams need to identify reasonable controls that reduce the risks to an acceptable level, as the risks are virtually impossible to totally eliminate.
For devices in the data center, companies can readily develop and enforce policies for securely wiping drives, non-volatile RAM, backup media, and other units. In cases where a device has failed and the data isnt accessible to wipe, the storage unit should be physically destroyed so that the data is unrecoverable should the unit be removed and placed in an operative device. This includes methods such as shredding, puncturing, melting, degaussing and so on.
For mobile devices where the risks merit higher security levels, users need to return the units to a depot, centralized or decentralized, which is tasked with properly decommissioning the device. This serves two purposes: to account for devices as well as to take reasonable safeguards to prevent the loss of data.
Next page: Should This Data be Traveling?