Recently, a digital forensics company did an investigation and found that it is very easy to obtain sensitive information from old smartphones that are either sold as used or thrown away. This was also true even if the previous owner had utilized the factory reset.
The forensics company, Access Data, provided more details on what they found in an interview. In their estimate, 1 out of every 10 phones that have either been recycled, resold or thrown away still contain data. The company did an in-depth digital forensics review of 5 randomly selected smartphones that were purchased on the secondary or used market. The phones varied by manufacturer and included an iPhone 3G, Sanyo 2300, HTC Wildfire, LG Optimus and an HTC Hero. Of the 5 that were reviewed, 2 had not been reset to the default factory settings. These two phones contain information on active account ids and passwords, contacts, and calendar information, all very easy to locate.
All of the Android phones had been wiped, but four of the five phones included information that was still extractable with the right knowledge and tools. The company noted that all 5 of the used phones had some way to identify the location where the device came from either via the serial number or the old telephone number. Four of the five could easily identify the previous owner. Some of the data that was extracted included user account information, Social Security numbers, geo-location tags, deleted text messages and even a resume.
The forensic experts were able to use the geo-tags to get an exact latitude and longitude for the previous owner and find the street view of their home. Another phone revealed a Yahoo email account that the experts were able to use preset ids and passwords to log into via the handset.
Access Data noted that smartphones and tables have fast become a nightmare for both individuals, but also for businesses that are concerned about data breaches. Even though these devices cannot store a great deal of information, they still contain very sensitive data that can be used to access more and more data and information. Especially since the public at large and the business community have not adopted security measures for their mobile devices.
This is particularly troublesome for a business that has employees who use their own personal mobile devices to access the company’s network. It is one thing for a company to attempt to wipe a company owned asset of all data. However, it is very difficult for a company to ensure that an employee has wiped their mobile device before disposing it whether via the trash, resale or recycle. As well, this is coupled with the rapid churn of devices via incentives from the carriers or the advancement of technology that lures individuals to upgrade their device to the next best thing.
Organizations need to put a plan in place to address the best way to delete data before a device is replaced and to work with their employees to have their old devices wiped before they are disposed of in the secondary market. Utilizing aspects like usb encryption will help to deter data breaches.
Prior to digital devices and lap top computers became ubiquitous for the business traveler, the issues of traveling safely had been much more about getting your wallet or your passport stolen. Now much more than ever, the expanding concern for all those that travel is concerning the security of their information. But, just as there are lots of kinds of devices to access information or take it with you, there are more threats than many individuals understand to their information security.
There are many actions that may be taken to shield against information theft. Right here are a couple of to think about. Initial, make use of a password on your pc. This really is minimal protection, but at least would stop most laid-back criminals from attempting to steal sensitive info. Some computers permit the user to set up password protection through a screensaver for occasions when the machine is idle, probably the most apparent time that a pc might be stolen.
Second, make sure to encrypt all your files, whether or not on your pc or on disks and flash drives. You will find a number of applications and software programs that permit an individual to encrypt files. Archive utilities like WinZip will permit a user to make encrypted document bundles. Also, keep in mind there might be unencrypted copies or temporary copies on your pc; so becoming diligent about file management will assist also. You will find also methods to encrypt the whole difficult drive through open supply applications or commercial goods. Remember that if your method crashes that it might be challenging to recover encrypted information, so maintain a rescue disk copy somewhere safe and secure that you could access if required.
Whilst traveling, becoming on-line may be the subsequent front which you need to face within the battle to shield your information. This really is extremely accurate for hotel company centers or Web cafes. All of these are locations that location you at danger for losing useful information. In the event you determine that probably the most secure route would be to not travel with your pc, be conscious of the dangers of utilizing a public pc.
Initial off, keystrokes may be recorded and consequently your IDs and passwords may be utilized to access your bank accounts, etc. Additionally, you shouldn’t trust the browser or the e-mail software program that's installed on a public pc system. These may be solved using the use of a secure USB important. With this kind of device, you are able to enter use password protected software program for the use of an onscreen keyboard, which will stop keystroke recording. Also, you are able to maintain a portable version of a Firefox browser on the USB drive to be able to steer clear of utilizing the public computer’s installed browser. USB protection is well worth the expense when traveling. 1 factor to note is the fact that utilizing software program through a USB drive will lead to a slower browser and may be annoying if you're used to fast speeds.
These couple of actions, even though at initial cumbersome will probably be useful whenever you travel to secure your individual information and to provide you with peace of thoughts also.
The business, Secure Data Sanitization (SDS) has turn out to be the 1st information security business within the United States to create their “Secure Erase” program mobile. In late November, the business took this program literally on the road to Idaho to demonstrate its capabilities. The very first mobile processing units had been tested at no price towards the Idaho Department of Health and Welfare. The program is able to wipe clean an outdated pc system. The test demonstrated that it might be 100% efficient in permanently erasing hard drives for these older computers. It was also able to reset the computers towards the original manufacturers’ settings.
These new mobile units are accessible to travel to any location to be able to assist businesses effectively eliminate information from old pc hard drives. The program will sanitize the drive in order for the gear to be effectively destroyed with out danger of private information becoming taken at some point in the future.
The mobile program initiates the “secure erase” aspect or “electronic data shredding” activity. This procedure then permanently erases difficult drives, resets them and offers proof in a report format. This new mobile system has attracted an excellent deal of attention, particularly amongst businesses that shop big amounts of information. The business has already secured contracts to make use of the mobile program at businesses all over the world.
The Idaho Department of Health and Welfare was anxious to make use of the program stated Michael Farley, the IT administrator for the department. "In order to meet federal guidelines and regulations concerning HIPAA, IRS and SSA information, it's crucial that we've a secure and sound procedure for eliminating information from our pc systems before donation or destruction," stated Farley. "Being in a position to have hard drives securely erased or destroyed on website is essential since it provides us 1 much more layer of protection."
The business is poised to be extremely active within the coming years with new federal and state laws that need businesses to securely erase private information. If not carried out properly, businesses in violation could face millions of dollars in fines, lawsuits and cleanup expenses. SDS provides Certificates of Sanitization and Destruction, printed on-site, which guarantee compliance with state and federal laws. These certificates are backed by a $2 million insurance policy. Usb protection is one way to ensure that data is safe.
As part of the service that SDS offers, they also give their customers the choice after erasing the information to either remarket the old system or donate them to the non-profit organization Computers for Kids.
Guaranteeing Information Safety: Probably The Most Difficult Work For Information Technology Experts
A ruined marriage or even an accident might be the most disastrous thing that might affect any individual. Yet a good many Information technology experts believe that their inability to safeguard the information of the firm may be lot more irritating for them than an unpleasant breakup or perhaps a small car accident. This is revealed in a current study done by Websense.
More than a 1000 IT experts from different international locations took part in this study and their replies reveal that information security is among the greatest problems confronted by businesses today. Around 60 % of participants thought that their business information is not very safe and may be jeopardized in the foreseeable future. More than 18 % of the participants thought that starting off a brand new career might be less demanding for them compared to being accountable for the safety of the business information.
Even though big institutions take safety steps to safeguard the information, there's always a possibility of information fraud. This may end up being really damaging for the success of the business and may make life of Information technology experts really unpleasant. This type of a scenario may be lot more hard to deal with for any person than dealing with any personal problem. Hence, around 10 % of participants of this study thought that information protection problems may be lot more demanding to deal with than dealing with a divorce process or broken relationships.
Previously, a lot of individuals and institutions had to deal with significant loss because of the thievery of the data. This is why sizeable institutions have independent IT groups to strengthen information safety in business. A lot of institutions also make use of sophisticated resources as well as applications to observe their devices and regulate their system data. This may reduce the potential risks of data thievery.
Data security is an extremely significant issue and it is so imperative that institutions around the globe are prepared to invest a lot of funds in guaranteeing the information as well as network system safety. These days, the funds allocated to safeguarding the company information is viewed as a good investment instead of a pointless expenditure. This USB flash drive review references a helpful encrypted flash drive to assist in these challenges.
Even the biggest USB flash drive is still smaller than most people's thumbs. Since we carry these devices to numerous locations, there is a fairly good chance that we will eventually lose them. If this should happen, most of us simply hope there was nothing sensitive on the drive. However, that is not the only thing you can do. There are some basic USB flash drive security measures available.
If your flash drive carries some sensitive information that you hope to keep from ending up online by the next day, security measures available range from secure partitions to encryption options. Secure partitions are a rudimentary form of security - a password protected partition is created on the drive, using a utility supplied by the manufacturer, this makes a public partition and a secure one.
In most cases, it is not possible to access these partitions at the same time, it is often necessary to log into the secure partition, hiding the public one. Not all controllers feature this limitation. Using a version of your utility, someone else could re-partition the drive. However, they would not have access to the data you have stored on the secure partition.
There are other USB flash drives that are much more specialised, they offer the same sort of secure, password protected partition. However, they also encrypt data stored on that partition, making it much harder for people to get to your data. While encryption algorithms can be broken, having encryption on your USB drive is an extra layer of security you can offer your data.
The down side to drives that use encryption is that some of them only perform this encryption in software that results in lower performance on the drive when encryption is enabled. Few manufacturers use a hardware based engine capable of encrypting and decrypting files at a higher speed to prevent performance penalties when you access a secure partition that's using encryption.
The problem with both of these security approaches is that they are mostly dependent on software; the majority of manufacturers of USB flash drives only provide Windows based software support.
What does that mean for Macintosh users and people who use a Linux distribution or other unusual operating system? Security for USB flash drives is mostly still a matter of keeping good track of them. While it is possible to access public partitions on almost all systems, accessing the secure partition generally requires access to Windows.
USB flash drive security is still in its infancy, since these drives aren't routinely used by people with a need to secure their data. As they become more widespread and the need for security increases, expect flash drive security options to increase as well. For now, partitioning and encrypting are the major options available, though.
Windows users are in luck and can make use of both of these options effectively to preserve their data. However, users of operating systems that aren't compatible with the software on the drive must simply try not to let their USB flash drives fall into the wrong hands.