Three Business Consequences of Poor Data Security

Businesses understand the importance of security. They lock their doors, install alarms, and hire security guards. Unfortunately, too many of them don’t give their data security the same priority as their physical security. They underestimate both their risk of becoming a data breach victim and its consequences to their business.

All businesses, large or small, are at risk. Hackers employ software as well as search engines to locate businesses with exploitable data security weaknesses. If your business has such a weakness, then it’s not a question of if, but when they will find you.

Criminals aren’t limited to online methods of getting to your data. They’ll use offline techniques as simple as searching through dumpsters for discarded equipment with hard drives. It’s important to remember that data security is both an online and offline effort. Equally important is understanding that the consequences of poor data security can be severe:

Fines

Businesses that keep sensitive customer or patient information must meet certain government requirements. Failure to comply with these requirements cause security vulnerabilities that hackers can exploit. This is why data breaches often get the attention of the government, which may conduct an audit of the victimized business. If any type of non compliance is found, the business may have to pay severe fines.

Damaged Reputation

This is especially damaging for a number of reasons. Existing customers will lose faith in the company’s ability to protect their information, and will never come back. Word about a data breach can rapidly spread via social media and review sites. This diminishes the company’s business prospects of attracting future customers. Business partners such as suppliers and distributors will have similar concerns and may terminate their association with the affected company. Investors may withdraw their support.

Going out of Business

A hacker can do more than merely exploit sensitive data. The person may delete the information, install a crippling virus, or cause other kinds of problems that get in the way of conducting business. If this happens during a time of peak customer demand, the loss of revenue can be devastating. Customer lawsuits and the above mentioned problems could be sufficient to force the company to permanently close its doors.

A data breach can happen to any business regardless of its size. You can avoid potentially devastating consequences by making data security your number one priority. Protect yourself from cyber crime in all its forms, including data theft from your discarded hard drives. For more information about data security and about our hard drive destroyer devices, contact us today.

Don’t Just Throw Away Your Printer

When a printer reaches the end of its life, the easy thing to do is just junk it. If you do this, you could be putting unprotected confidential data on the truck. A business-class printer generally has a hard disk drive or solid-state drive for queuing jobs. Huge quantities of reports, diagrams, and correspondence could be on it. Would you send an old computer to the scrap dealer without making sure no one could read its files? If not, you should give discarded printers just as much care.

Who will get your printer’s drive?

Old printers are often resold. Hardware scrap shops pull out drives and sell them “as is” at bargain prices. Your printer’s drive could end up in someone’s homebrew system. Worse, someone who buys drives to scavenge data might pick it up. Whether it’s the whole printer or the drive, any data left on it is now in someone else’s hands. If your business prints confidential documents, that’s a risk you can’t afford.

A printer’s drive holds files intended for people to read on paper. Getting useful information from them doesn’t require figuring out a database’s structure or making sense of binary files. Convenient, printable documents are there for the taking.

Reduce the data to shreds

Just “formatting” or “erasing” the drive with software won’t eliminate the data. It makes the file system appear empty, but the bits are still there. Overwriting the disk is better, but there are techniques for recovering shadowed data. The surest way to make a drive irrecoverable is to destroy it utterly.

This might bring to mind brute-force methods such as burning the drive or using a sledgehammer, but they carry dangers such as toxic fumes and injury. Phiston’s line of disk drive destruction equipment does the job safely and quickly. From desktop crushers to heavy-use machines, they serve a broad range of needs. All of them will reduce storage devices to tiny fragments.

Where serious data protection is needed, Phiston provides what it takes to make sure data from old drives won’t end up in the wrong hands. Talk with us to find the best data destruction solution for your organization.

Dumpster Diving: a Serious Security Threat Requiring Hard Drive Destruction

Dumpster diving is a security threat that’s every bit as real as that posed by online hackers. Failing to protect one’s business from those who would exploit the information available in the trash invites victimization by cyber criminals. Even though it’s hard to picture yourself engaging in such a distasteful task, others willingly do it because they stand to gain a great deal at your expense. Criminals seek information, including that found on discarded hard drives. This might include:

  • Full names of employees, business partners, and contractors
  • Account login credentials
  • Marketing information
  • Email addresses of employees
  • Sensitive customer information
  • Employee information
  • Company operation information
  • Corporate secrets
  • Medical records
  • Bank statements and other financial information
  • Tech support logs

This and other information can be used in a variety of ways. For example, information about your contractors allows spear phishers to write emails that convince your employees to click on dangerous links or to give out passwords. A criminal posing as an IT service contractor could arrange an appointment to do maintenance on your servers. This provides him with the perfect opportunity to set up a backdoor account for later remote access.

Hackers often employ dumpster diving during the reconnaissance phase of a cyber attack, in which they try to learn as much as possible about their targets in order to uncover security vulnerabilities. The more information obtained, the greater their prospects of creating an effective plan of attack. This is similar to a burglar casing a home for easy access points, or a thief learning about the security defenses of a jewelry store.

It’s important to understand that cyber criminals can exploit seemingly innocuous information. Unless you’re a skilled hacker, you can’t be 100% sure that the discarded information in your dumpsters can’t be used against you in some way.

In addition, securing the physical area around your dumpsters only delays exploitation of their content. At some point, thieves can gain access once the refuse is sent elsewhere beyond your control. This means hard drive destruction of all discarded devices is the only reliable way of denying criminals access to your digital information. To learn how our products reliably do this, contact us today.

How Cyber Criminals Profit from Poor Data Security: 2 Examples

Data security lapses can and do lead to data breaches. Depending on what happens to the stolen information, the damage can be severe to such a degree that the victimized company may be forced out of business. Victimized businesses may face customer lawsuits, fines, increased insurance rates, and loss of their loyal customer base. A damaged reputation that’s spread throughout the Internet makes new customer acquisition increasingly difficult.

While there are plenty of reasons for this kind of criminal activity, profit is often the motivation. How money is made from a breach depends on the information stolen and the particular “skill set” of the hacker. Here are two ways criminals can profit:

Sell Data on the Information Black Market

Hackers aren’t necessarily skilled at profiting from their stolen information. Not all valuable data is in the form of usernames and passwords to bank accounts — which are straightforward to exploit. Other types of data require criminals with specialized knowledge and expertise. Information black markets exist to bring together the hackers skilled at acquiring information, with criminals who know how to use the information. This may happen within private forums or at auction sites similar to eBay. Because your information falls into the hands of those best suited to exploit it, the damage to your business can be severe.

Business Identity Theft

Criminals with access to the right business data of your company can pose as you and open lines of credit, access bank accounts, and do business with your customers. Customers thinking they’re doing business with you, might place an order with the criminal with an up-front payment. When the goods aren’t delivered, you will hear about it from the angry customer.

Criminals can also steal goods worth hundreds of thousands of dollars by posing as a legit trucking company. They need only gain access to information about the trucking carrier’s future shipments. With this information, they can send their own truck to pick up a load before the legit truck arrives.

Data security vigilance is the key to avoiding these kinds of consequences. Remember that there are many ways your data can be stolen, including from improperly disposed hard disks. To learn more about data security and about our hard drive destruction equipment, contact us today.

Why You Should Invest in a Hard Disk Destroyer

The vast majority of office workers today use a computer on a daily basis. Once a computer is dated and no longer functional, you must figure out what to do with the hard drive. One great option would be to use a hard drive disk destroyer as destroying a hard drive will provide you with several different benefits.

Protects Data

One of the most important reasons why you need to properly destroy your hard disks in your home or place of business is that it will protect your data. If you had a hard disk drive left out in the open or thrown in the garbage, you are opening yourself up to an easy data hack. Identity thieves can easily access these records, which will put any of your business or customer information in a vulnerable position.

Regulatory Compliance

While it is important to protect the data of your company and customers, you also should destroy hard drives because it can be a requirement by law. Depending on the industry you are in, and what type of customer information you have access to, a variety of regulations to destroy these hard drives. If you do not comply and destroy these hard drives, and keep adequate records, you could face a variety of fines and other punishments.

Clear Up Space

When you are looking to keep customer and business records permanently secure the only options you have is to either secure the hard drives in a secure location or have them destroyed. If you choose to store the records in a secure location you will still be at risk that the hard drives could be stolen and you will have to either rent storage space or designate valuable office space to store old hard drives. For a larger company, this can quickly take up a lot of space and waste unnecessary money.

If you are in need of a hard disk destroy, you should contact us to learn more about the products we can provide to you.