Monthly newsletter Weekly news roundup Breaking news notification    

Data deletion is not enough…

Get free weekly news by e-mailIT managers must formulate better policies to protect mobile devices, UK encryption firm BeCrypt has warned - especially relating to the deletion of files from mobile devices.

Recent industry calls for secure data deletion do not go far enough, the company warned, after it recovered data that had supposedly been deleted from storage media such as USB sticks and memory cards purchased online. BeCrypt recovered mobile telephone contact databases, business material including corporate launch information for a new Land Rover, MP3 files, GCSE coursework, family photographs and pornography using software purchased at nominal cost from the internet.

According to the UK Home Office more than 100,000 people per year fall victim to identity theft at a cost of more than £1.3 billion per year. Gartner estimates that the number of mobile email devices, such as Blackberries and other PDAs, will hit 80 million globally within three years.

“With the proliferation of mobile devices in business, it is critical that IT managers implement policies to protect all corporate data whether the data is used inside the firm or transported on mobile devices,” said Peter Jaco, CEO of BeCrypt. “Staff need to be educated as to the potential risks of losing data and firms need to deploy software to encrypt data held on corporate peripheral devices. Deleted files, as we have demonstrated, can be easily recovered using freely purchased software on the web, but if the data was encrypted as part of a corporate security policy, or by the home user in the first place, the data would be safe.”

Reformatting magnetic memory such as a hard disk drive, or electronic memory such as a USB memory stick, results in only the file allocation table being erased and typically files themselves are left intact until they are subsequently overwritten. This means data can still be recovered using data recovery tools.

BeCrypt analysed a number of devices purchased on eBay for between £5 and £10 each, all of which contained recoverable information. A fifth contained personal information that could be used for identity theft. All but three of the devices appeared to have been freshly formatted or had all the data erased using tools provided as part of the computer’s operating system.

www.becrypt.com

Date: 18th Oct 2005 • Region: UK Type: Article •Topic: IT continuity
Rate this article or make a comment - click here



Copyright 2006 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help