One fifth of the UK public doesn’t know how to permanently erase data from a device, Kaspersky research has found. The cybersecurity expert also undertook a data retrieval experiment on second-hand devices and discovered that 90%
Kaspersky set out to uncover the dangers of second-hand device ownership by conducting consum
Sensitive business data was found on 10% of both the desktop and storage media devices that were analysed. Almost one-fifth (16%) of the devices contained data that could be discovered and extracted immediately, while a staggering 74% held data that could still be recovered through file carving. Additionally, the cybersecurity expert found only 11% of the devices it analysed were entirely clean, showing that more needs to be done not only to increase data awareness, but ensure data is completely removed from a device before it is sold second-hand.
Through its survey, Kaspersky found that one in ten (10%) UK workers either don’t know if their devices are connected securely at home, or admitted they are not connected securely. Though this research was European-based (across 2,
In light of these findings, Kaspersky is calling for businesses to raise awareness among their employees about the importance of data handling, by providing employees with the necessary information and training on how to correctly handle work-provided
David Emm, Principal Security Researcher at Kaspersky, said: “It is clear there is currently not enough education around the risks of leaving data on second-hand devices, and when people are using personal devices to carry out work-related functions, this presents a real to danger to businesses. It is imperative companies empower staff to do this effectively, and ensure sensitive data is being handled and removed completely before a pre-owned device is sold.”
Tips to ensure devices are clean include:
- Back up all data, including contacts.
- Remove the SIM card and any external storage such as a microSD card.
- Log out of services like email and social media, then clear the data from these apps if you can.
- Factory reset the device.
- Use a secure erase feature, as a simple delete is not enough.
Deleting data using File Shredder
When “normally” deleting via the Del key followed by emptying the Recycle Bin, the files are not deleted properly, but only the reference to their location on the disk is removed. To shred files, there are dedicated programs. Some security solutions such as Kaspersky Total Security have such file shredders directly integrated.
Deleting Cipher data with on-board tools
Files or directories can be deleted quite reliably with Windows’ own on-board tool “Cipher”. The tool is used to encrypt files, but can also delete them from the hard disk or render them unusable. Using the Windows tool is particularly useful if no additional programs are to be downloaded to delete data.
Meanwhile, purchasers should always activate security software for testing, and perform a scan immediately after purchase and before using the device for the first time. These steps should form an extra layer of caution on top of an embedded solution that provides protection.
Read the latest edition of PCR’s monthly magazine below: