Presentation is loading. Please wait.

Presentation is loading. Please wait.

National Property Management Association Disposing of Assets Containing Sensitive Information Kim Doner, CPPM SRA International.

Published byEvangeline Gordon Modified over 9 years ago

Similar presentations

Presentation on theme: "National Property Management Association Disposing of Assets Containing Sensitive Information Kim Doner, CPPM SRA International."— Presentation transcript:

1 National Property Management Association Disposing of Assets Containing Sensitive Information Kim Doner, CPPM SRA International

2 National Property Management Association Unfortunately, sensitive information is often left in assets by agencies or private parties that transfer, donate, or sell assets to the public. This can pose a potential risk to you and your agency. Sensitive information has a wide array of markings such as Top Secret, Secret, Classified, Sensitive, Official Use, and many other types of labels, and sometimes it’s not marked at all! The items listed below may contain sensitive information. VCR (tape) Cell Phones PDA’s Printers Hard drives USBs CD Rom’s CD Rom Drives Flash Drives Magnetic Tapes Copiers Memory sticks Typewriter Ribbons

3 National Property Management Association 3 Some of the material that businesses routinely throw away could be of use to a wide variety of groups including business competitors, identity thieves, criminals and terrorists. Useful information includes staff names and addresses, telephone numbers, product information, customer details, information falling under the Data Protection Act, technical specifications and chemical and biological data. (Terrorist groups are known to have shown interest in the last two areas.)

4 National Property Management Association 4 Particular care needs to be taken to effectively destroy digital media that may contain the personal and contact details of staff or customers and company confidential data. Digital media needs to be overwritten with random data several times to make the original data irretrievable; this should include all addressable locations and not just the file allocation table. Overwriting cannot be used for media that is damaged or otherwise not writeable; in these cases the media should be purged by degaussing with a strong magnetic field or destroyed.

5 National Property Management Association 5 There are several methods that may be used for destroying sensitive media; however, before investing in waste destruction equipment you should: Ensure that the equipment is up to the job. This depends on the material you wish to destroy, the quantities involved and how confidential it is. Ensure that your procedures and staff are secure. There is little point investing in expensive equipment if the people employed to use it are themselves security risks. Make the destruction of sensitive waste the responsibility of your security department rather than facilities management.

6 National Property Management Association 6 Contracting out the Destruction of Sensitive Media: If you use contractors, ensure that their equipment and procedures are up to the standard you require. Find out who oversees their process, what kind of equipment they have and whether the collection vehicles are double-manned, so that one operator remains with the vehicle while the other collects. Get references!

7 National Property Management Association 7 Methods of Destroying Sensitive Media Include: Shredding Paper shredders shred to many different sizes and the size of shred you use will depend on the type of information you are destroying. Highly confidential material should be shredded using a cross-cut shredder producing a shred size no more than 15mm x 4mm. This should ensure no more than two adjacent characters appear on any one piece of shred. Paper shredders can also be used to destroy diskettes, CDs, and similar optical media by cross-cutting or shredding. The shred size should be proportional to the confidentiality of the data, typical fragments should be no larger than 25mm.

8 National Property Management Association 8 Methods of Destroying Sensitive Media Include: Incineration Incineration is probably the most effective way of destroying sensitive waste, including disks and other forms of magnetic and optical media, provided a suitable incinerator is used (check with your local authority). Open fires are not reliable as material is not always destroyed and legible papers can be distributed by the updraft. Metallic-based digital media can be destroyed by melting.

9 National Property Management Association 9 Methods of Destroying Sensitive Media Include: Pulping This reduces waste to a fibrous state and is effective for paper and card waste only. Some pulping machines rip the paper into large pieces and turn it into a papier maché product from which it is still possible to retrieve information. This is more of a risk than it used to be because inks used by modern laser printers and photocopiers do not run when wet. There are alternative methods for erasing electronic media, such as overwriting and degaussing

10 National Property Management Association Asset tags (property tags) or any other identifying markings should be removed. It is highly recommend that you or your recycler ensures all property tags are removed from your equipment. This will minimize your agency’s risk of exposure from media attacks or a hacker who may attempt to compromise your agencies data.

11 National Property Management Association Hard drives, if properly wiped with the proper software can be reused. Instruct your IT personnel to double check computers that are going to be taken out of service. From time to time some computers host two or more hard drives. Be sure to check all drives for removable media.

12 National Property Management Association Ensure your agency or recycler has the capability to open CD/DVD caddies to ensure all discs have been removed. Most media that gets out into the general public comes from un- removed discs.

13 National Property Management Association Printers/Copiers can also host a hard drive. Often, documents of sensitive nature are left in paper trays or printer spools.

14 National Property Management Association Remove and destroy typewriter ribbons. Data is left on the used spool of the ribbon. Thumb drives : Re-format the drive. (Reuse) or destroy the unit when it becomes obsolete.

15 National Property Management Association Check VCR units to ensure no tapes are left in them.

16 National Property Management Association Cellular phones: Remove SIM card and destroy by crimping or cutting, (Please recycle the card) (Cellular phones are recyclable) or delete the information on the unit.

17 National Property Management Association Magnetic tape: Ensure your tape is degaussed or destroyed. Magnetic tape is a polyester compound (Mylar).

18 National Property Management Association Floppies/CD’s should be shredded or degaussed. These items are recyclable. CD disks can be recycled into new products.

19 National Property Management Association PDA’s should be erased (re-formatted) prior to resale or reuse or be disassembled into the state of a saleable commodity.

20 National Property Management Association Other items that can maintain hidden storage of data and sensitive information are micro fiche, cameras, filing cabinets, safes, and answering machine cassettes. Identity theft has become a major concern to law enforcement throughout the United States. It is the fastest growing crime, and affects more than 500,000 new victims each year. Protect yourself at work and at home by double-checking that all (media/data) is destroyed or erased.

21 National Property Management Association Media containing sensitive data should be clearly marked; however, when in doubt, treat all data as if it is sensitive! (Photos of media provided courtesy of FPI UNICOR)

Download ppt "National Property Management Association Disposing of Assets Containing Sensitive Information Kim Doner, CPPM SRA International."

Similar presentations

Term Project Grade 9 Section B Due december 18 Find and research one Emerging technology not studied in class. It can be a prototype or already available.

Term Project Grade 9 Section B Due december 18 Find and research one Emerging technology not studied in class. It can be a prototype or already available.
Chapter 7: Physical & Environmental Security

Chapter 7: Physical & Environmental Security
Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
Data Destruction and The Impact on Recycling. Data Breaches In 2012, over 26M records from 617 data breaches were made public Average costs: –$194 per.

Data Destruction and The Impact on Recycling. Data Breaches In 2012, over 26M records from 617 data breaches were made public Average costs: –$194 per.
BUS VIDEO RECORDINGS COLLECTION – PROCESSING - REDACTION - SHARING WHAT IS RIGHT FOR YOUR DISTRICT?

BUS VIDEO RECORDINGS COLLECTION – PROCESSING - REDACTION - SHARING WHAT IS RIGHT FOR YOUR DISTRICT?
Sanitizing Data from Storage Devices with a Live CD Brian Compton College of Technology – University of Houston Sanitizing Data from Storage Devices with.

Sanitizing Data from Storage Devices with a Live CD Brian Compton College of Technology – University of Houston Sanitizing Data from Storage Devices with.
NOAA Computer/Hard Drive Sanitization Validation Form and PDA/Cell Phone Destruction Worksheet.

NOAA Computer/Hard Drive Sanitization Validation Form and PDA/Cell Phone Destruction Worksheet.
Pesticide Storage Security Iraqi Surface to Air Missile This is a funny slide, however the threat of terrorism is serious. We all have to do our part.

Pesticide Storage Security Iraqi Surface to Air Missile This is a funny slide, however the threat of terrorism is serious. We all have to do our part.
Media Sanitization How to get rid of unwanted data so no one else can get it.

Media Sanitization How to get rid of unwanted data so no one else can get it.
Computer and Physical Security Recommendations. Assure that computers and work locations are secured when work areas are not staffed.  Log-off or lock.

Computer and Physical Security Recommendations. Assure that computers and work locations are secured when work areas are not staffed.  Log-off or lock.
Computer Basics Dayton Metro Library Place photo here May 20, 2015.

Computer Basics Dayton Metro Library Place photo here May 20, 2015.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Computer Storage Devices Principles of Information Technology Lytle High School Click to continue.

Computer Storage Devices Principles of Information Technology Lytle High School Click to continue.
3.1 Storage devices and media

3.1 Storage devices and media
Instructions Slides 3,4,5 are general questions that you should be able to answer. Use slides 6-27 to answer the questions. Write your answers in a separate.

Instructions Slides 3,4,5 are general questions that you should be able to answer. Use slides 6-27 to answer the questions. Write your answers in a separate.
STORING YOUR DATA ……………………………………………………………………………………………………………………………….…………………………….. ……………………………………………………………......…... RESEARCH DATA MANAGEMENT TEAM UK DATA.

STORING YOUR DATA ……………………………………………………………………………………………………………………………….…………………………….. ……………………………………………………………......…... RESEARCH DATA MANAGEMENT TEAM UK DATA.
1st Choice Document Destruction, Inc (a member of the NAID Association) is proud to be an exclusive distributor for “The Guardian” Hard Drive Destroyer.

1st Choice Document Destruction, Inc (a member of the NAID Association) is proud to be an exclusive distributor for “The Guardian” Hard Drive Destroyer.
STORAGE DEVICES AND MEDIA BY: T.MINH. Backing Up Data Refers to the copying of files and data to different medium in case of problem with the main storage.

STORAGE DEVICES AND MEDIA BY: T.MINH. Backing Up Data Refers to the copying of files and data to different medium in case of problem with the main storage.
The two types of storage: Primary Storage Secondary Storage

The two types of storage: Primary Storage Secondary Storage

Similar presentations

Ads by Google