Malware is on the rise. (Duncan Alfreds, Fin24)
Cape Town – Companies stand to decrease costs by recycling old computer equipment that may still be useful, says an insider.
As the falling rand results in higher costs for PCs, firms that re-purpose functioning laptops could reduce costs and help the bottom line, said Xperien, which specialises in asset disposal.
But the process of recycling machines should be done with careful planning.
"If you don’t address the security risks, there’s a fair chance your organisation’s most sensitive data might fall into the wrong hands,” said Xperien chief executive Wale Arewa.
The Gemalto Breach Level Index showed that there were five attacks registered in 2015 in SA, while 3.6 billion data records have been exposed globally since 2013.
READ: Negligence the 'main reason' for cyber hacking
The 2015 Verizon Data Breach Investigations Report found that in organisations, 23% of recipients open phishing messages and 11% open attachments.
Trustwave found that in SA, companies that do get compromised are often unaware of this and just 38% of local firms have organisational measures in place to prevent unauthorised data loss.
"Before you allow any staff member to use old hardware, you should destroy all data. You don’t want a new employee to have access to the chief financial officer’s unencrypted spreadsheets," said Arewa.
He recommended using software like Blancco 5 to remove all data from old hard drives before passing on old computers to new users.
"It is capable of wiping storage media to the highest industry standards without affecting its functionality."
Xperien also said that companies have to comply with the legislative framework including Protection of Personal Information Act, the National Environmental Waste Management Act and the Consumer Protection Act regarding the disposal of computer equipment.
"If you plan to redeploy a set of laptops that were previously only used in the office, but will shortly be the used by a more mobile team, one needs to ensure strong authentication and encryption,” said Arewa.
“If it’s not mandated in the security policy that they use strong authentication and encryption, there’s an increased risk that the loss or theft of one of those devices might lead to a serious data breach," he added.
- Follow Duncan on Twitter