Stories like this one pop up with unusual regularity, but this one hits close to home...
There was a story today in the New York Times about New Jersey State Comptroller Matthew Boxer's discovery during an audit of surplus state computers slated for auction that 79% of them still had readily accessible information on their hard drives.
Information was found on 46 of the 58 computers scheduled to be sold, and on 32 of those 46, the information found was highly personal in nature that should have never been made public.
For instance, one computer - a laptop - had been used by a judge, and "contained confidential memos the judge had written about possible misconduct by two lawyers, and the emotional problems of a third," the Times article stated. Personal financial information about the judge, including tax returns, were also found on the laptop. (more) (video about photocopier drives)
Information was found on 46 of the 58 computers scheduled to be sold, and on 32 of those 46, the information found was highly personal in nature that should have never been made public.
For instance, one computer - a laptop - had been used by a judge, and "contained confidential memos the judge had written about possible misconduct by two lawyers, and the emotional problems of a third," the Times article stated. Personal financial information about the judge, including tax returns, were also found on the laptop. (more) (video about photocopier drives)
Questions to ask...
What happens to my company's old hard drives? (sold, auctioned, recycled, returner to lessor, donated)
What happens to my company's old hard drives? (sold, auctioned, recycled, returner to lessor, donated)
Do I even know where all of them are? (desktops, laptops, photocopy print centers, tablets)
What about other old media? (old floppies, CDs, DVDs, smart cell phones, x-rays, videotapes, product samples, prototypes, old promotional materials)
Tip: This is not the IT department's job. It's a security issue. It's security's job. "Erasing" "degaussing" and even "smashing" is not good enough to protect the most sensitive information. Keep your hard drives. Give the leasing company the money for a new one. Then crosscut shred your e-media. (Hey, you do it for your sensitive waste paper.)
I was talking to Kevin Kane and Jason Moorhouse, two sharp guys from the Shredit company, yesterday and learned that they operate globally and have shredders that can even handle old refrigerators!
In case you need an additional reason to shred e-media, I also learned that non-compliance with HIPPA regulations, for example, can bring heavy fines and even jail time. So, gather your junkers and clunkers and find someone (I don't care who) to shred it. ~Kevin