In most cases your organization’s old devices are a data gold mine. We’ve seen so many offices that have stacks of old laptops in their closets. No one really knows what’s on them or how many there are.
“To know your enemy, you must become your enemy.” – Sun Tzu: The Art of War
When we perform our assessments, we embrace this tried and true tactic. In our minds, we become the cybercriminal and our goal is to exploit our targets for as much cash, or bitcoin, as possible. You can read why those two are now interchangeable here. When we see a bunch of old devices hidden away with a thin sheen of dust we hear that classic slot machine sound. We just hit the jackpot. There are plenty of skilled cybercriminals that don’t even have to steal them. Plenty of businesses giveaway/sell their computers. They turn up at local pawn shops or on Facebook Marketplace. With a small budget, a cybercriminal can build their empire by buying these devices and mining the data from them.
Types of Devices and the Data on Them
Desktops and Laptops
When it comes to digital forensics, desktops and laptops hold far more data than most users think. Web browsers like Google Chrome are a treasure trove of valuable data. Most browsers can keep you signed in for months. Cybercriminals will have instant access to any web sessions that are still active. Worst of all there won’t be any indication of a sign-in attempt. With Windows laptops and desktops, login passwords can be easily bypassed. With new tools available, they can even be decrypted, and this leads to even bigger security issues. Windows does a great job of removing your saved credentials in the event your login password is bypassed. If the password is decrypted, a cybercriminal can log in like normal. Now they can access all of your stored credentials. This could include credentials for: WiFi Networks, VPNs, Remote Desktop Connections, Shared Folders, Apps, and any website where the password has been saved. Don’t think you should be worried because you deleted all of the data before storing that old computer? Think again!
Moving files to the trash or recycle bin does NOT delete data. Emptying the trash or recycle bin does NOT delete data. Cybercriminals are counting on you being uneducated when it comes to information security. It can be very difficult to permanently delete data from your device. It always requires special software or techniques that physically destroy data media.
A lot of people don’t realize that almost all large copiers and production printers have internal hard drives. These hard drives can hold every item you organization printed, faxed, copied, and/or scanned in the last year. Special care has to be taken before disposing of commercial copiers.
Mobile Devices, Servers, External Drives, and Even Broken Devices
By now you should be picking up on the fact that an organization’s devices can be exploited very easily. Mobile devices can be used to compromise security in many ways. It’s great that your software is in the cloud now, but where was it before? Servers, usually obsolete and retired, still have years of data that could lead to a huge data breach. All of those loose internal, external, and USB drives pose a significant risk. They are easy to pocket and hard to keep track of. Sure you could format them but that won’t keep your data safe. Data recovery is a lucrative business, and this has made it easier for criminals to get the tool they need. In fact, they don’t even need to steal your devices. They can pull the drives and emulate the hardware later to access all of your data. Don’t think your broken devices are safe either. In TV shows and movies, it requires a lab and fancy equipment to extract data from broken tech. Whether it’s broken, burnt, smashed, cracked, soaked, rusted, or fried, it’s extremely easy and cheap to get your data out of almost any device.
What to do?
The best way to mitigate these risks is to have strong policies and procedures along with data encryption. Your company has to have clear steps to follow when handling devices with data.
Before any device leaves your control you must ensure that the data has been sufficiently destroyed and an audit trail to prove it. If need your organization needs some help in this department, our partner will assist you with establishing clear protocols for decommissioning old and obsolete hardware.
Policies & Procedures
Traditional solutions don’t fit their environment and they aren’t agile enough to keep up with the evolving landscape. This always leads to problems that can be traced back to poor implementation, or lack, of modern policies and procedures. Don’t make the same mistakes. Allow us to connect you with our partner today.
Having enforced encryption on all of your devices goes a long way. In the case of HIPAA compliance, nearly all lost or stolen devices that are encrypted don’t even have to be reported. If they are encrypted you could face massive fines for each device along with a data breach that could destroy your reputation. Device encryption can be performed in a variety of ways. Our partner’s solution uses an enterprise endpoint security software capable of full device encryption.
We also recommend using a professional e-waste company to dispose of old tech. Feel free to contact us for free information regarding e-waste services in your area.