Ongoing research to be published in the International Journal of Liability and Scientific Enquiry suggests that there is a huge amount of sensitive data still on redundant computer hard disks.

These devices are often disposed of or sold into the second-hand market by corporations, organizations, and individuals with the data intact.

The authors of the report say that this data represents a significant level of risk for commercial sabotage, identity theft, and even political compromise, and suggest that better education is essential to reduce the risk of harm.

It is not well known among computer users that simply deleting a file from the hard disk does not actually remove it from the computer but simply deletes its entry in the index for the hard drive. To remove all traces of a file requires the actual data to be wiped using ‘digital shredding’ software. Such software is readily available and should be run as a high priority by individuals, companies and organizations intending to pass on their legacy computer hardware to third parties.

Andrew Jones, head of information security research at British Telecommunications, in Martlesham Heath, UK, working with Glenn Dardick of Longwood University, in Farmville, Virginia, and colleagues Craig Valli, of Edith Cowan University, Western Australia, and Iain Sutherland of the University of Glamorgan, UK, have analyzed data that remained on a number of second hand hard disks that had been obtained on second-hand markets.

"The research revealed that a significant proportion of the disks that were examined still contained considerable amounts of information, much of which would have been of a sensitive nature to the organization or individual that had previously owned the disk," the researchers explain.
The team adds that the percentage of disks that have been effectively wiped had fallen significantly, from 45 percent to 33 percent, since the previous year's survey.

The researchers make several recommendations for improved data security - with regard to hard disks and other storage media, including memory cards, mobile phones, and other devices, and suggest that public awareness campaigns by Government, the media, commerce and/or academia ought to be run to help reduce the risk of sensitive data entering the information black-market.

•Date: 6th Nov 2008• Region: World •Type: Article •Topic: ISM
Rate this article or make a comment - click here