Security Errors and Hard Drive Destruction Mistakes
Tue, Sep 18, 2018
By: Steve Clopton
Regardless of your industry, data breaches are a serious threat. Your data (and data you store on behalf of your clients) is vulnerable to attack. It’s your job to do whatever you can to protect it.
Laws and regulations like HIPAA and FACTA require organizations to maintain data for specified periods. At the end of that time, you may destroy the data. But, it might surprise you to find out that it’s when you think you’ve destroyed your data and hard drives that they might be the most at risk.
At Gilmore Services, we use the highest possible standards when storing and destroying data on behalf of our clients.
Here are some of the top data breach threats you should know about.
One of the most common tools cybercriminals use to target data is ransomware. Ransomware essentially holds your data hostage until you pay a ransom specified by the thief. Think of it as someone kidnapping your data.
Ransomware adds a public component to cybersecurity because it’s common for bad actors to announce that they’ve stolen data to apply pressure to their target to pay the ransom. Encrypting your data can minimize its value in the event of a breach.
Phishing was one of the earliest forms of cybercrime and it hasn’t gone away. Your data may be at risk if an employee inadvertently clicks a phishing link or opens a phishing email. If they enter sensitive information, such as their system password or PIN, then your data could be stolen.
The key to preventing phishing is educating your employees about cybersecurity and ideally, putting two-factor authentication in place. Requiring a password and a fingerprint, for example, can render most phishing scams ineffective.
Vulnerabilities in Applications
More organizations are allowing employees to use outside apps to perform their jobs. This process, known as BYOA, poses some significant risks to your data if you’re not careful.
For example, if an employee uses an unauthorized app, a criminal could potentially take advantage of a security hole in the app to access your server. The solution is to have a clear BYOA policy in place and educate employees about the dangers of using unauthorized apps at work.
Documents may also be vulnerable as you image them. It’s common for organizations to scan important documents and store electronic copies. When the time comes to destroy the physical copies of documents, it’s essential to destroy images of them as well.
Without a clear system in place to organize and store imaged documents, it’s easy to overlook their destruction. Doing so could put you in violation of government regulations as well as eroding the trust your clients have in you.
DIY Document Destruction
One of the biggest risks you can take is to handle your document destruction in-house. While it might seem to be the safest and most cost-effective option, it opens you up to a series of problems and risks. These include:
- Employees failing to adhere to the document destruction schedule you have specified
- Documents being improperly shredded
- Shredded items being vulnerable to bad actors
For example, an employee might put off shredding documents believing that they have more important things to do. In the interim, a thief might gain access to those documents. Using a professional shredding company to shred your documents ensures that you’ll adhere to your schedule and be able to track your documents as they are destroyed.
Improper Destruction of Hard Drives
One of the areas where enterprises can run into real trouble is when they attempt to destroy hard drives without professional assistance. There are multiple methods that may be used to destroy hard drives, including overwriting, degaussing, and physical destruction – but which one is best, and has it been done properly?
The only way to be sure that your hard drives have been properly destroyed in accordance with US law and environmental regulations is to contract with a NAID certified company like Gilmore Services. We use the highest standards to destroy hard drives, ensuring that our clients never need to worry that their data is vulnerable or might be recovered from hardware they believed to be unusable.
Protecting your data and properly destroying it in accordance with regulations is essential to your business and its reputation. Hiring a professional company to help you will ensure that your data is safe. To learn more about how Gilmore Services can help you keep your data secure, please click here.