It seems like a pretty safe activity, doesn’t it? After all, we are all colleagues: a simple reimage and redeploy of a Windows laptop - deleting the old user’s profile and creating a new one - and the job is done. But is it? The truth about how much data remains after a standard reimage and redeploy is sobering. Personal information and company data linger in the background, and simple software is often all that is needed to bring it to the surface.
Today, we look at best practices for reusing corporate laptops, and how simple solutions can save you from big headaches.
What Aspects Require Special Attention – & Why?
Security breaches normally begin with employee action. This may be accidental or – occasionally – deliberate. Any employee with access to IT infrastructure poses some risk, but there are particular times of vulnerability:
- Reusing laptops
- Inducting employees into a new IT system
Good security begins by ensuring that the laptop is properly sanitised after an employee has finished using it. After this, it is a question of ensuring that best data security practice is observed.
Secure Data Cleansing
The days of simply being able to ‘wipe’ a laptop are long gone. Freely available software can forensically retrieve data from a reformatted hard drive. The solution to this is data sanitisation. There are two types:
- Data cleaning
- HDD shredding
At Absolute IT Asset Disposals, we use the Blancco data erasure software platform for data cleaning. Currently, this is the fastest and safest method available. It guarantees complete, rapid security. Through Absolute IT, both on-site and off-site Blancco sanitisation is available.
Data sanitisation and certification for re-use may seem rather extreme - but then, so are the penalties for avoiding this best practice. A professional service offers 100% assurance and peace of mind.
Securely cleaning the laptop is just the first part of the process. For the new employee, password discipline needs to begin from Day One. A company’s password policy should prescribe precautions such as:
- Using strong passwords - a strong password can be a memorable phrase made up of unconnected words, such as RainwaterCookingPingpong – a seemingly random phrase that is long enough to be secure. It could also be a mixture of upper-case and lower-case letters and numbers.
- Changing passwords at regular intervals – passwords should be changed every 3 months, at most.
- Using each password for only one application – someone correctly determining the password to one application may not pose as big a threat as them determining the passwords to other applications as well. Minimise this risk by assigning a different password to each application you use.
- Never revealing or sharing passwords – even with trusted colleagues.
Remote & Home Working Procedures
Today, many companies have remote workers. External connectivity to the company network potentially exposes the entire IT infrastructure, including data, to hostile access unless proper security measures are observed. Data encryption is critical when remote access is permitted. A basic remote use policy will include guidance such as:
- Disconnecting the laptop or mobile device from the VPN when unattended
- Checking that nobody can see the screen when working in public places
- Guarding against theft or loss, and notifying IT immediately should that ever happen
- Ensuring that removable data devices, such as memory sticks, are encrypted
- Ensuring that company equipment is not used for personal purposes
Why Should I Be Concerned?
Aside from the basic ethics of employee privacy, data security is a very real concern under GDPR legislation. Traditional re-image and re-deploy does not meet the data security requirements of either customers or employees.
Another good reason to ensure that no scrap of data is left on a laptop is the danger posed by social engineering. Criminals can create false identities from just a few pieces of data. They can then impersonate that individual in very clever ways to gain access to systems. In the case of a corporate laptop, that could easily mean your system.
Find Out More
Protection against data leaks when reusing or disposing of old IT equipment is assured when you engage a professional service such as Absolute IT.
Download our Guide To Mobile Data Shredding and find out more about how data sanitisation services can be carried out in your offices.