Large UK businesses are crap at securely disposing old PCs and mobile devices.
A survey by mobile security firm Pointsec found that less than half the 329 corporations quizzed use professional disposal companies to destroy their old computers. The rest flog PCs to secondhand dealers or sell them to staff, which often means that the next recipient has access to all the old data. Seventeen per cent destroy data in-house, arguably the safest approach.
Lack of time and resources was frequently cited in the survey as the reason why firms frequently neglect to bother about the secure disposal of corporate devices. Mobile security fails to feature withing the security policy of many firms.
Martin Allen, managing director of Pointsec, commented: "We've all heard about PCs thrown away in UK council tips that have ended up in West Africa with local extortionists and opportunists selling the contents such as bank account details for less than £20. Many corporations can also fall victim to this sort of scam by selling their old PCs to second hand dealers who often don’t have the skills or resources to reformat and clean them adequately. We recommend thoroughly reformatting the hard-drive or encrypting the data on all mobile devices."
"If you have really sensitive data on your device and you really don't trust any sort of software then your best bet is to burn or smash the hard-drive," he added.
One in three companies now have over 50 per cent of their staff who use a mobile device for work, 60 per cent of these devices are not protected by encryption. Doubtless Pointsec is looking to plug the gap left by this omission.
When asked why encryption was not more common-place, many respondents to the survey said their mobiles didn't contain sensitive data, so the technology wasn't needed. However, When quizzed further respondents admitted they stored important data on their mobiles such as their names and addresses of customers, marketing plans and other corporate information. Such data might be very useful to an opportunist thief or hacker, Pointsec warns. A minority of people stored passwords (8 per cent) and bank account details (six per cent) on their mobiles. ®