… Condusiv Comments

The Information Commissioner’s Office (ICO) has announced that 48% of second-hand drives contain information from previous owners (consumers and businesses), and one in ten contain personal information that could be used to steal an identity (The ICO investigation used computer forensic firm NCC Group to source and investigate approximately 200 hard drives, 20 memory sticks and 10 mobile phones).

At least two of the drives analysed on behalf of the ICO contained enough information to enable someone to steal the former owners’ identities.

Condusiv Technologies Corp. said that companies and individuals can no longer take an ‘out of sight, out of mind’ approach to deleted files.

Scott Thomas, EMEA marketing director at Condusiv, offers the following comment in response to the ICO’s statistics: "These findings came as no surprise. With tools such as Windows Recycle Bin and other supposedly secure methods of deletion, users can often be lulled into a false sense of security when removing unwanted files from their gadgets. In reality, there is a fundamental flaw in the way that certain sensitive information is removed. Hitting ‘delete’ is not enough.

"There are both regulatory and practical consequences of improper file deletion. In practical terms, unnecessarily storing data that is no longer needed takes up capacity and will eventually impact the performance of IT systems. More importantly – and as demonstrated by this research – sensitive data that has not been properly deleted could end up in someone else’s hands and give cybercriminals the tools they need to coordinate an attack. Anybody that is serious about data security should utilise an electronic shredder that not only deletes a file, but overwrites the disk space the file previously occupied – in order to make it virtually impossible for anyone to access the unwanted information."