Threat Tuesday: The Insider ITAD Threat

Blake CormierNews

Many organizations are taking a serious look at insider security threats. While we hope we can trust those who work for us, there have been numerous cases where employees or contractors have “gone rogue” and caused a major security breach for their organization.

But insider threats don’t just refer to malicious activity. Accidental actions or oversights can lead to security compromises and data breaches that are just as damaging, if not moreso, than outright malicious actors.

So, companies need to consider the possibility of insider threats in their security models, and take action to mitigate it. And the end-of-lifecycle for IT assets is no exception.

Many companies task their existing IT staff, often junior employees or interns, with handling the destruction and disposal of IT equipment that contains sensitive data. But with little tracking and accountability in this part of the lifecycle, insider threats quickly emerge.

For example, will anyone notice if one of your old servers or a few workstations disappear and end up on eBay? How can you be sure that their drives were wiped of sensitive data?

Even if the action isn’t malicious, poor training or unfamiliarity with data security can also pose a security threat. How thoroughly does a drive need to be destroyed before data is unreadable? Is software formatting enough? Without answers to questions like these, your IT staff may make mistakes that lead to the exposure of your company’s sensitive data — breaching your customers’ trust and damaging your reputation.

Scenarios like these are why companies of all sizes choose to make use of professional ITAD services from providers like CyberCrunch. Our trained, insured data destruction experts will make sure that your equipment is wiped of all data. And we can provide serialized destruction reports, so you’ll know exactly where your old equipment ended up.

Contact CyberCrunch today to receive a quote or schedule a pickup.