When your company gets new computers, the number one priority is to set them up with proper security measures. While many people understand the importance of doing this for new computers, many people fail to realize the importance of implementing security measures when disposing of old devices.
Delete any data or files that are on the computer and securely back them up so you can regain access to data on other computers or devices. Administrator accounts should be deleted to ensure any remaining data is removed. You can do this by creating a new administrator account where no files are saved. Use the new account to delete other accounts that were once active.
If you have software on your computer, make sure to deauthorize the computer’s access. For security purposes, many software programs limit the number of devices that can authorize them. Deauthorize any devices you are getting rid of so you don’t run into problems adding these accounts onto new computers in the future. These programs may contain sensitive account information, so don’t forget to uninstall them as well.
When files are deleted from your computer, the data can still be retrieved off a hard drive. The old files data can be overwritten if someone uses a data recovery program. Use a disk eraser to remove the file information from the hard drive.
If a hard drive contains confidential and sensitive information, it is advised you store it within your organization in a secure place. Old hard drives should be stored in a locked room. Only a select number of people should know where old hard drives are located. You should still erase your hard drive if you choose to keep it.
If you are switching out old devices and won’t be able to perform the security measures right away then make sure you store old devices in a secure place. Don’t just keep them in a basement or in an unused office that isn’t kept secure or locked. Store these devices in a dedicated closet or storage area that employees don’t have regular access to.
Keep a record of which devices you have disposed of and which are stored and awaiting disposal. Keeping a record of these devices prevents you from forgetting about them for too long. Create a timeline of when security measures will be performed on old devices rather than letting them sit for months, causing a security risk.
Take an inventory of unused devices in case anyone ever got access to one for malicious purposes. Ensure you conduct an inventory of these devices regularly. This will allow you to know if any are missing and if someone took one with the intent of obtaining sensitive information.
If your company fails to take the proper steps when disposing of old computers, it could lead someone having unauthorized access to information. If you have further questions or concerns about disposing of old computers contact us for professional advice on how to improve your security.
Call us at 519-451-1793