Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Photocopier Hard Drive Data Security Issues

Shred-It UK : 28 July, 2010  (Technical Article)
Shred-it has issued advice for companies on the prevention of inadvertent data loss through the recovery of hard drives from disposed of multi-functional photocopiers
Shred-it is warning of the potential for data losses caused by the failure to securely destroy the hard drives held inside multi-function photocopiers.

Shred-it explains that the multi-purpose photocopiers that are now commonplace in many organisations often contain hard drives that retain images of information scanned, printed and photocopied during the photocopier's lifecycle.

Robert Guice, Executive Vice President, EMEA, at Shred-it, comments: "Organisations replacing or leasing their photocopiers often overlook the fact that these machines can hold reams of confidential information about their employees, their clients and their business in their hard drives.

"Confidential data held electronically is often forgotten when companies come to put in place secure document management policies. Data stored on the hard drives of both computers and photocopiers, not to mention USB sticks, computer disks and smartphones, can leave organisations vulnerable to a serious data security breach.

"When it comes to protecting confidential information the best medicine is prevention, and the best prevention is a "shred-all" policy that takes into account the destruction of both paper based and electronically stored sensitive data.

"This is particularly important now that the Information Commissioner's Office (ICO), has been given enhanced powers to levy fines of up to £500,000 on organisations that commit serious data breaches. This is in addition to the reputational damage a public fine can bring, the associated loss of customers and the cost of dealing with the breach itself."

According to Shred-it common security risks to organisations include:

* Copier hard drives, laptops, external storage drives and back-up devices and other sources with sensitive information stolen, misplaced or not destroyed securely when the information is no longer needed
* Confidential paper documents disposed of in recycling boxes or rubbish bins
* Files left unattended in file rooms, on staff desks and in door folders; or unrestricted physical access to sensitive files
* Disregarded USB sticks and computer files containing confidential information left on employees desks

To prevent these incidents, Shred-it has a number of information security recommendations:

* List all information security risks specific to your organisation, targeting both paper-based and electronic information sources; consider every stage of the information cycle, from data generation and storage to the transfer of data from location to location and the information destruction process

* Develop stringent and enforceable policies regulating access to sensitive employee, client or business information

* Train your employees in best practices in secure information management and destruction

* Securely destroy all sensitive information - in electronic and paper form - that is no longer required to be kept on record

* Outsource information destruction to high-quality professional providers, who ensure the total security of the information destruction process, and can provide documentation to certify that the chain of custody has been maintained and the work has been completed

* Partner with a document destruction specialist to audit your operations to help your organisation identify gaps in security
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo