Data Security: Avoid the Hidden Risks of Obsolete Technology
How old is the technology being used in your organisation? These days, it dates pretty quickly so to protect any data stored on obsolete devices, it’s more important than ever to consider issues such as hardware security and USB security.
According to a 2014 post by US IT services provider, Sinu, a replacement cycle of 5 to 8 years used to be standard in the world of desktop PCs. But today, with mobile devices such as laptops, tablets, and smart phones, it's more like 1 to 4 years depending on the device.
What are the risks of out-of-date technology in the workplace?
Information security: If software or hardware security isn’t up to date, there’s an increased risk of a major security incident. The older the technology, the more time hackers have to find holes in it. Plus, the software creator may no longer support early versions. A 2014 study by security firm Cenzic found the application layer continues to be a vulnerable target for cyber-attacks.
Forgetting about it: Consider that 22,000 USBs a year are retrieved by dry cleaners in the U.K. According to an online report, the survey of 500 dry cleaners showed that on average each shop finds four USB sticks a year, and 45% of these sticks were never claimed. “The chances are most of these devices will end up getting thrown in the bin… and who knows where they will end up after that,” said one industry observer.
Workforce issues: The mobile workforce is increasingly demanding more work flexibility. The latest technology supports ease-of-work at satellite offices, supplier and customer locations, off-shore locations, and home.
Equipment breakdown: Issues with hard drives can result in major data loss. There is also something called ‘bit rot’, which is when bits in the memory or on the disk silently decay. One blogger wrote that the more data on a disk, the more the likelihood of occurrence of bit rot.
Inefficiencies: Older technology simply can’t do what modern technology can. For example, smart phones are increasingly utilising biometric sensors such as fingerprint sensors – in place of passwords.
Stockpiling: According to the 2016 Shred-it SecurityTracker 37% of UK businesses surveyed have never disposed of hard drives, USBs and other hardware that contain confidential information. Any confidential data on these drives could fall into the wrong hands.
How should digital data and obsolete technology be managed in a protected workplace?
- Have an information security policy that addresses new and emerging forms of electronic media, and stay up-to-date.
- Clear out storage facilities – don’t stockpile unused hard drives of any kind.
- Properly dispose of electronic data stored on obsolete hard drives and storage devices (laptops and desktops, USB flash drives, magnetic tapes and audio/visual media such as CDs/DVDs). Deleting or degaussing files does not ensure data is destroyed.
- Physically destroy hard drives to ensure all data is unrecoverable. Partner with a document destruction leader that is familiar with compliance requirements in your industry, and has a secure chain of custody including a Certificate of Destruction for record-keeping.
- Educate the workforce. In a 2015 Gartner Symposium company representatives said a security approach should be founded on the principal that people are the strongest link in the security chain. Educate employees about why their role is essential in keeping the organisation safe.
Learn how to protect your workplace and organisation against all of today’s data security threats.