Time to post some of the info from the 3rd of the articles from my June issue of “IT Compliance in Realtime Journal” before the month is over!
The 3rd article is “What to Tell Personnel: Disposal Security and Privacy.”
Here is a section from the article…
———————————–
Disposal of Computers
As new computers, of all shapes and sizes, are purchased, the older computers are disposed of by being re-used, donated to others, or thrown away. To avoid a privacy breach through the disposal of old computers, you must assume that PII and other types of business-sensitive information is stored upon them. This information is still retrievable and must be irreversibly removed in the most effective and efficient way possible. You must let your personnel know that simply deleting files does not irreversibly remove data.
Simply deleting files does not irreversibly erase information! Forensics and other recovery tools may be used to retrieve computer information that has been deleted.
Communicate to your personnel, periodically and in interesting and varying ways, your organization’s policies, procedures, and approved tools for irreversibly removing data from computers.
———————————–
Download the entire June Journal to see the complete article in a much prettier, formatted form! 🙂
Tags: awareness and training, computer disposal, information disposal, Information Security, IT compliance, policies and procedures, privacy tools, security tools