Blog Posts Tagged with "data destruction"
How I Learned about File Encryption the Hard Way
September 06, 2012 Added by:Scott Thomas
Learn about file versus whole disk encryption, as well as where keys are stored. Also learn to move the keys if you're going to wipe a drive. If I can offer anything to anyone about file encryption it would be to completely understand how it works before you play with live data...
Comments (0)
Best Practices for the Destruction of Digital Data
August 31, 2012 Added by:Ben Rothke
The need for effective media destruction is imperative given that digital media is the crown jewels of most organizations. From payroll, financial records, to personal information and company/trade secrets, there are terabytes of data that at the end of its lifecycle, needs to be effectively sanitized...
Comments (0)
Selling Your Old Smartphone? Not Smart...
July 12, 2012 Added by:Robert Siciliano
I purchased a bunch of used devices off of Craigslist and eBay to see if I could find data on the devices. I found a startling amount of personal data including photos, phone numbers, addresses, emails, text messages and passwords. Even if you wipe and reformat a hard drive, you may still miss something...
Comments (0)
Contracts and Infosec Part 3: Processing and Data Disposal
June 21, 2012 Added by:Bill Gerneglia
The parties should also stipulate their expectations for data return or destruction upon termination of an NDA. The expectations for data return or destruction will be typically molded by a party’s desire to keep compliant with the particular data handling law or regulation to which the party is subject...
Comments (0)
Disposal Dummies Cause Privacy and Security Problems
June 21, 2012 Added by:Rebecca Herold
Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...
Comments (1)
I Found Your Data on that Used Device You Sold...
March 14, 2012 Added by:Robert Siciliano
What did you do with all of your old devices? Some were probably given away, or you might have hocked a few on eBay or Craigslist. Did you know it is very likely that you inadvertently put all of your digital data in someone else’s hands?
Comments (0)
Data at Rest: Dormant But Dangerous
February 10, 2012 Added by:Simon Heron
Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...
Comments (0)
Securing Mobile Data at the Application Layer
October 23, 2011 Added by:Steven Fox, CISSP, QSA
The OWASP Mobile Security Project focuses on the security of the applications. According to its contributors, it “is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications...”
Comments (0)
Multi-Function Printers and Security Beyond Compliance
October 20, 2011 Added by:David Sopata
Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your Multi-Function printers or other devices, but since most organization generally want to do the right thing, it may be required to go beyond compliance...
Comments (1)
Digital Evidence and Computer Crime
September 28, 2011 Added by:Ben Rothke
When it comes to digital crime, the evidence is often at the byte level, deep in the magnetics of digital media, invisible to the human eye. That is just one of the challenges of digital forensics, where it is easy to destroy crucial evidence and often difficult to preserve it correctly...
Comments (0)
The Urban Legend of Multipass Hard Disk Overwrite
August 28, 2011 Added by:Brian Smithson
Multipass disk overwrite and the “DoD 5220-22-M standard 3-pass wipe” are, at best, urban legends. At worst, they are a waste of time. A single pass overwrite with any arbitrary value (randomly chosen or not) is sufficient to render the original HDD data effectively irretrievable...
Comments (6)
The Dangers of Second Hand Hard Drives
August 24, 2011 Added by:Emmett Jorgensen
Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands you data may end up in...
Comments (2)
Preparing a Mobile or PC for Resale or Donation
July 29, 2011 Added by:Robert Siciliano
You may have read my last post where I talked about “Clean the Clutter” out of your life and sell all the stuff you don’t absolutely need. Prior to selling my electronics I wiped all the data off of each device. Cleaning all the data off your salable electronics is absolutely essential...
Comments (1)
HIPAA: Rx For End-User Device Risks
July 06, 2011 Added by:Konrad Fellmann
Basically, if electronic PHI data is encrypted, purged, or physically destroyed before it is inadvertently disclosed, then it doesn’t count as a breach. If the information is protected in a way that it can’t be obtained by an unauthorized individual then you’re safe...
Comments (0)
SSD’s and the Importance of Encryption
May 12, 2011 Added by:Emmett Jorgensen
With data privacy issues becoming increasingly important, regulations have tightened on information security. Regulators often impose sanctions for data breaches as outlined in state laws. New regulations bring added importance to the need to securely erase data from an SSD...
Comments (0)
Data Security Ramifications of E-Waste
April 28, 2011 Added by:Allan Pratt, MBA
What are the data security and compliance implications if you have all of your confidential data on your computer hard drive or laptop? What if you are a policeman, school teacher, or lawyer – and the contact list on your phone includes information you are legally bound to not share?
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)