Getting a new computer is exciting, but what happens to the old ones? Depending on the age, some people sell them, others throw them out. That’s the easy part. The problem is the sensitive data on them. There are passwords, account numbers, license keys, customer details, medical information, tax returns, browser history…. the works! Each computer whether laptop, tablet, or desktop contains a treasure trove of sensitive information that cybercriminals would love to get their hands on.
Unfortunately, hitting delete on your files doesn’t actually make them disappear, nor does waving a strong magnet over the drive. These mistakes have cost businesses millions of dollars over the years.
Most people are unaware that specialized data cleanup is necessary, others think calling someone to collect the computers will cover all the bases. A 2016 experiment proved just how dangerous the situation can be when they bought 200 used hard drives and found 67% held unwiped, unencrypted sensitive data, including sales projection spreadsheets, CRM records, and product inventories. Frighteningly, they didn’t need any special hacking skills to get this data, it was all right there and helpfully labelled. It’s also not surprising that with simple data recovery tools, people have also been able to access British NHS medical records and missile data, all waiting patiently on a discarded hard drive.
Why hitting delete doesn’t help
Data on a hard drive works like a book with an index page. Every time data is written, it pops a quick entry into the index so when you need it again, it knows where to look. The index is used for files you create as well as system files you can’t even see. Sensible, right? Except if you delete a file it’s more like changing the index to say nothing is on page 10 and you can write something else there when you’re ready. But if you manually flip to page 10, you’ll find the information is still there – the file still exists until it’s been written over – it’s the index reference that got deleted.
Wiping data before disposal
There are software tools you can get to do it yourself, as well as dedicated security firms, but your best option is to choose an IT business you know and trust. With that in mind, a methodical approach is required to ensure not a single drive is left untreated. You don’t want to leave data behind, or even clues that a motivated person could extrapolate any private information from. The approach might include using checklists to maintain security, or dedicated processes to guide each step in decommissioning. Careful records should also be kept, including who signs off on completion of the retirement, and where the computers are sent afterwards. A proper inventory and auditing process may slow the rollout of the new computers slightly, but it’s always better than having your old data come back to haunt you.
Or, you can just Crush It!
If you have a lot of hard drives to erase, or other odds-and-ends like flash drives, cell phones, or tablets there is another effective way to destroy the data…CRUSH IT! While I admit this is probably the most wasteful method, it’s also the most fun (and cheapest). We have a hard drive crushing machine at our shop that we frequently use to crush a few hard drives for a customer free of charge, or you can take a batch to a local electronics recycler that can shred the drives and provide certificates of destruction for a nominal fee.
We can migrate any needed data, backup the information to your server or external drive, then wipe or destroy the hard drives for you. We can assess the age of your old computers and either dispose of them for you or point you in the right direction of computer recyclers. Plus, the quicker you dispose of your old computers, the easier the process will be. Recyclers will be able to send less of your equipment to landfill, and you’ll be less likely to forget how valuable the drive contents are.
Need help with your old hardware? Call us today at 515-422-1995!