Hardware Loss and Residual Data Fragments

   Over the past few months, a number of government laptops have been stolen and the story has made national news. The government is so concerned, not because of the cost of replacing a few laptops, but from the network vulnerabilities that the loss of this hardware threatens to cause. In fact, hardware loss is a large cause of the more than 10 million cases of identity theft suffered by Americans each year.

   These types of problems are not what we commonly think of as network security threats, but stolen or sold laptops and computers pose one of the biggest threats for networks. Businesses often sell older computers without completely wiping the drives clean of data, including system passwords. Just as with stolen computers, this information can then be easily used to gain access to the network and compromise the security of the entire system.

Prevention
     Thankfully, the threat of hardware loss and residual data fragments can be minimized by taking a few rather straightforward steps:
     Encrypt sensitive company data, especially the laptops and files of executives who are most likely to be targeted. When traveling through foreign airports the problem can be especially acute, as laptops of prominent individuals are sometimes taken aside under the guise of "security", and their hard drives are quickly mirrored and used to blackmail the company. Despite the obvious benefits of securing data, however, a recent survey found that 64 percent of companies were more concerned about data loss than the cost of replacing hardware. However only 12 percent were actually using encryption.

    Wipe/shred files on old hard drives before they leave your organization. This is as much an issue of data compliance regulations as it is of network security. No matter what your motivation, however, failing to clean discarded hardware can leave your entire network vulnerable.

    Develop a policy for keeping track of employees use of smartphones and USB memory cards around sensitive data. Simply letting employees know that you have such a policy and are monitoring the use of these devices will go a long way to preventing their misuse and protecting the network.

     Use an RFID-based Asset Management system for computers, laptops, and other sensitive hardware to keep tabs on their whereabouts in your premises.