Don’t Throw the Baby Out With the Bath Water

What does an infant’s bath time have to do with information security? Think of your data as your baby and all becomes clear. And like an infant, a challenge.

Right now, write a paragraph describing how the laptop you just issued your employee (or authorized them to purchase) is tracked, from its initial provisioning, right through to its final moments within the company’s footprint.

Did you think of recycling the hardware in a green manner and ensuring the data stored on the device is securely erased? If you did, congratulate yourself. You are one of the few who understand the need to have in place an IT Asset Disposition (ITAD) process and procedure.

We reached out to Brian Honan, cybersecurity expert and founder of the Irish Reporting and Information Security Service (IRISS), or Ireland’s CSIRT, for his thoughts on ITAD.

Safe Disposal of IT Assets – Explained

Honan commented, “When disposing of IT assets, never assume it is just the hardware you are dumping. Those devices may contain sensitive data. Disks may hold important information that needs to be destroyed in a secure manner. Other devices, for example printers, smartphones, tablets, or photocopiers, may have embedded storage containing cached copies of documents processed through the device. Those old routers, firewalls, and switches destined for the scrap heap may hold details on your network infrastructure or indeed administrator passwords which could be used to access your core network. Disposable storage such as external drives, tapes, USB sticks, and CD ROMs all should be disposed of in a secure manner. You need to ensure there is a well-written policy with supporting processes and tools to secure data before the medium it is on is destroyed.”

There, in one paragraph, Honan provides a concise rationale as to why and what you (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Christopher Burgess. Read the original post at: Cylance Blog

Christopher Burgess

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

christopher-burgess has 21 posts and counting.See all posts by christopher-burgess