There is a lot of talk in the corporate world regarding data security and management. Regulations and compliance are introduced to standardize data security measures to combat rising cyberattacks. However, in the midst of all these crucial awareness drive surrounding data security, one critical aspect gets marginally overlooked, i.e. proper disposal of electronic devices.
We are using electronic devices at most touch-points in our lives and more so in businesses. Computers, Laptops, Smartphones, Tablets, External Hard Drives, Scanners, Printers, Cameras and others are just a few examples of extensively used hardware in businesses. Like many electronic items, all these devices are either replaced over a period of time due to performance down-fall, gets damaged in the process or even stolen. And, with the ever-evolving hardware space, Original Equipment Manufacturers (OEMs) are launching upgraded hardware more frequently than ever. This is also a leading factor in compelling businesses to switch devices for superior performance.
Most electronic devices contain sensitive information within them during their operation and long after. There is either, lack of awareness or attention that is being paid to safe disposal of electronic devices. And, cybercriminals are taking advantage of this loophole to access sensitive information from electronic devices that are not properly disposed.
We’ve deleted all data before disposing our device, we are safe! This is a big misconception. Most devices retain the stored data in them even after a mass delete or formatting. It may not be apparent to a non-technical user; however, tech-savvy cybercriminals can retrieve data and use it for malicious purposes. So, how to safely dispose electronic devices? Multiple methods commonly known as Sanitizing can be adopted to permanently delete data. Although the process differs from device to device. Here are some proven Sanitizing methods:
Data backup: Data backup is a basic step to ensure recovery in the event your device gets stolen. Data can be backed up to another device or on the cloud.
Deleting Data: Deleting data from device is recommended, although users should not solely rely on this process. Additional sanitizing steps must be taken, including:
Computers: Use Disk Cleaning Software to permanently remove data and the possibility of recovery. Secure Erase, a set of commands available in most computer hard drives can be performed to delete data and overwrite all areas of hard drive to ensure permanent deletion. Disk Wiping, a utility tool clears sensitive data and wipes flash drives and secure digital cards.
Smartphones, Media Players, Office Equipment (Printers, Copier, etc.) and Tablets: Perform a Hard Reset to return the device to its factory settings. Also ensure to remove any memory cards.
Overwriting: Delete sensitive information and then write new binary data over it to ensure that hackers are not able to trace the original script. Write layers of random binary code to make it difficult for hackers to retrieve information. Microsoft Windows users can use Cipher.exe command-line too encrypt or decrypt data. Clearing is another tool to use that does not allow any information to be retrieved by data, disk or file recovery utilities.
Physical Destruction: The most non-technical way is to simply destruct the device. There are professional services that offers destruction by burning, melting, thrashing devices. Driving nails, drilling holes and hammering devices to small pieces is DIY way of device destruction. Many powerful shredders can shred CD and DVDs. Magnetic degaussers can be used to manipulate the magnetic fields in drives to destruct device.