Is physical data destruction completely secure?

Cybersecurity is a paramount issue facing businesses in the digital world. The average costs of a successful cybercrime in 2017 were roughly $1.3 million for large enterprises and $117,000 for small- to medium-sized businesses, according to Kaspersky Lab. These figures include the cost of data theft but do not encompass the additional potential price of a damaged reputation and ensuing legal action. Data also indicates that cyberattacks will become only more expensive and damaging in the coming years.

Defending an organization against cybercrime requires a multi-channel approach. Companies should be open to software solutions, employee training and hardware upgrades whenever necessary. However, another avenue for cybercrime is occasionally overlooked. Physical theft of connected mobile devices, laptops and even desktop computers can lead to an open pathway for cyberattacks. In addition, some businesses simply sell their used electronics without first doing a proper data cleanse.

But can information to completely and permanently removed from a hard drive?

Hard drives are traditional data collection units that can be altered in a number of ways. However, the question is "can data be permanently removed."Hard drives are traditional data collection units that can be altered in a number of ways. However, the question is “can data be permanently removed?”

The levels of data destruction
Deleting data is not as secure as some might assume. In actuality, when information on a computer is “deleted,” the files themselves are not immediately removed. Instead, the pathing to that information is expunged. The data is also designated as open space, so the computer will eventually overwrite it. However, until this rewrite occurs, it is relatively easy for the information to be restored and accessed by any tech-savvy user.

Fortunately for organizations trying to permanently dissolve their data, deletion is only the first step of the process. Lifewire recommended three additional methods to ensure that information remains lost.

First comes software – using a data destruction program on the hard drive. This method has been met with approval from the National Institute of Standards and Technology as a secure way to permanently remove information from a hard drive, according to DestructData. However, drawbacks include resource consumption, as this can be a time-intensive process. In addition, some overwriting tools can miss hidden data that is locked on the hard drive.

The most secure method to completely remove data is degaussing. Hard disk drives operate through magnetic fields, and degaussers alter those waves. The result is a drive that can never be read again. In fact, the computer will not even register it as a hard drive from that moment on. However, the downside in this process is twofold: One, the drive is useless after degaussing. Two, this method can on only hard disk drives. Solid state drives and flash media do not use magnetism in the same way, so a degausser will be ineffective.

The final option is to physically destroy the data drive. While many people think that this task can be done with patience and a hammer, it is unfortunately not that simple. Hard drives can be rebuilt with the right tools and expertise. According to the Computer World, NASA scientists were able to recover data from the charred wreckage of the Columbia shuttle after its disastrous explosion and crash in 2003.

Computers that are simply thrown out can still possess classified data, which can return to haunt the company.

The resiliency of hard drives
In short, it can be difficult to permanently expunge data from a hard drive. This reality is in part why businesses are opting for less internal data centers and more dependency on cloud solutions. According to TechTarget, cloud solutions represent a more secure method of data organization than traditional IT infrastructure.

While data can be safely deleted, the reality is, unless a degausser is used, there is always some chance of information recovery. Cybercriminals are becoming more sophisticated, and given the expensive nature of dealing with data breaches, it is understandable why the cloud is becoming the preferred solution.

Webinar: Strengthen Security Ops & Tackle Threats

By now you know that Covid-19 has expanded the attack surface, making businesses across the globe more vulnerable to attacks via remote workforces and security policies built on the fly. You also know that a layered security approach is the solution. 

But what does a complete security strategy entail? How do you know what layers to add? And how do you get there?

In this webinar, Lane Roush, Vice President of Pre-Sales Systems Engineering for Arctic Wolf, utilizes his 20+ years of experience in IT infrastructure, storage, compute, networking and security to layout a more cost effective way of layering your security strategy.

What You’ll Learn:

  • How to strengthen your security operations
  • What the NIST Cybersecurity framework is and how to complete it
  • Tackling a hybrid-remote workforce during COVID-19
  • How ISG + Arctic Wolf can help

Who Should Watch?

Business and IT leaders who are responsible for business continuity, disaster recovery and data protection.

Webinar: Maintaining Security, Adapting To Change

The world has changed. The volume and velocity of digital data is growing exponentially. And maintaining control in a world where every device is storing and computing data makes it more difficult. 

So, how do you deal with the rapid pace of change? How do you maintain security?

In this webinar, James Morrison, former FBI Computer Scientist focused on Cybersecurity and current HPE Distinguished Technologist, utilizes his 20+ years of experience with the FBI to help business and IT leaders grapple with the rapid pace of change they are experiencing. Here’s what you’ll learn:

What You’ll Learn:

  • The reality of the threats you face in a COVID-19 world
  • What a holistic approach to cyber security looks like
  • How to properly invest in your security operation
  • The 7 habits of highly effective security organizations
  • How ISG + HPE can help

Who Should Watch?

Business and IT leaders who are responsible for business continuity, disaster recovery and data protection.

Webinar: 5 Critical Steps to Strengthen Your Cybersecurity Posture

Turning Disruption Into Opportunity

With the impacts of 2020 weighing heavy on many businesses, the ability to adapt and reset becomes paramount for both long-term success and survival. Whether you’re a single-location operation or a business executive at a large corporation who just wants to mitigate risks in the COVID-19 world we’re living in, you’ll glean something from this insightful security webinar, and presented it at the August 2020 Kcoe Pro Virtual Summit.

What You’ll Learn:

  • The evolving threat landscape, and the emerging security threats that exist
  • The challenges that results from those threats
  • Five critical steps to strengthen your security posture
  • How ISG can help

Time for an IT Checkup: Why A Network Assessment Is Essential for Your Business

These uncertain times surrounding the COVID-19 pandemic have undoubtedly had a big impact on your business and how you operate. Amidst the coronavirus outbreak, it’s likely you have needed to abruptly switch to remote network setups as a way to flex to the current market needs and social distancing guidelines. 

With this switch to remote networks, however, comes a rise in potential security risks. To defend against these threats, businesses in every industry should carefully evaluate their need for a network risk assessment right now. Getting an IT checkup to ensure your business is protected and running at optimal efficiency is the best way to keep your data safe and avoid costly damages associated with security incidents.

Here are 4 main reasons you should get a network assessment for your business today:

1. There are likely security weaknesses in your infrastructure.

Moving to a remote network can leave security holes in your infrastructure. Switching to a new setup, especially a remote one, can leave your systems vulnerable to attack if you fail to upgrade your cybersecurity.

With employees using personal devices or work devices on a personal Internet connection, your company is at a higher risk for data loss and breaches. Unprotected networks mean data is more easily accessible to threat actors, especially when shared or stored on a personal device that is not protected by an onsite server. 

A network assessment is imperative for businesses who want to protect their remote networks. With a network assessment, your provider analyzes your systems for any potential security weaknesses. They then offer suggestions for patching these weaknesses based on your unique business processes. Failing to get a network assessment means these security weaknesses can lead to more severe problems, as well as leave doors open for hackers to steal your data. 

2. Cyber attacks are on the rise.

If the security holes weren’t incentive enough, it’s essential to understand that cyber attacks are increasing as threat actors seek to take advantage of the unfortunate circumstances caused by the pandemic. Hackers know that the swift change to remote networks has left a lot of businesses inadequately protected, and SMBs are particularly vulnerable since they usually have fewer security measures in place to begin with.

Attackers are using this as an opportunity to seek out businesses that aren’t prepared for the current working conditions. Some recent examples of increased hacking include video and teleconference hijacking, data breaches, and fraud. A network assessment protects you from these incidents by evaluating your risk of being attacked and strategizing ways to mitigate that risk.

3. An assessment can reduce inefficiencies in your network.

You’ve probably had to restructure many of your digital provisions since coronavirus hit, and that can mean your systems aren’t running as efficiently as possible. As a business owner, you can’t afford to face additional damages due to inefficiencies causing downtime, lower productivity rates, or insecure digital environments.

A network assessment proactively scans your systems for inefficiencies that may be harming performance rates, uptime, or productivity levels. Your provider can then consult you on ways to eliminate these inefficiencies, allowing your business not only to save money but also better achieve your improvement goals.

4. You could be saving money.

Beyond saving money by increasing uptime and reducing inefficiencies, a network assessment can help your business find other opportunities to cut costs.

For example, you may consider consolidating software, re-evaluating per-user agreements and IT contracts, and getting rid of equipment or applications that are no longer useful for your remote environment. A network assessment gives you a closer look at the applications you may be underutilizing or that are no longer necessary given your current working conditions.

In many cases, remote workforces no longer need several different programs and applications to complete their roles. In fact, many teams tend to work more efficiently when software is consolidated and simplified into one universal platform.

To sum it up, delaying a network assessment can be damaging to the security, efficiency, and bottom line of your business. Rather than putting your time, money, and peace of mind on the line and taking a chance on your remote network setup, you’ll sleep better at night knowing your business is operating efficiently and isn’t susceptible to cyberattacks following a network risk assessment. 

Webinar: Winning The War On Ransomware

Let’s Declare War On Ransomware

Every day, organizations are at risk of losing data and damaging business reputation from ransomware threats. And now that the attack surface has increased exponentially with a remote workforce, the threat level has never been higher.

In this webinar, we will help you understand the latest threats to your data and how to overcome them with a comprehensive cloud data management strategy. From awareness of the threat, to implementation of backups, to the actions you take the moment disaster strikes and more, we’ll help you understand how to take your ransomware resiliency to a new level.

What You’ll Learn:

  • 3 timeless approaches to ransomware resiliency
  • How to develop a ransomware resiliency strategy
  • The most common ransomware attack vectors
  • The latest techniques in the fight against ransomware
  • Different methods to remediate ransomware threats

Webinar: Cybersecurity for Your Suddenly Remote Workforce

As COVID-19 continues to change daily work life around the globe, organizations are facing a challenging new cybersecurity reality. To provide actionable information for IT and security teams everywhere, we’re inviting you to join our live webinar: Cybersecurity for Your Suddenly Remote Workforce.

During this webinar, we’ll help you develop a better understanding of the challenges and solutions to protecting your organization in the reality of a remote workforce. You’ll get an in-depth look at the evolving COVID-19 threat landscape, insights and recommendations based on what we’re seeing across our customer base, and tips to help you maintain and improve your security posture during these changing times.

6 tips for setting cybersecurity goals for your business

Cybersecurity is a major issue for every business, whether you’re running a multinational organization or a local company. Here’s what you need to know about why prioritizing cybersecurity is so important – and some advice on developing a cybersecurity strategy that aligns with your company’s needs and your IT budget. 

Why cybersecurity is so important 

When it comes to cybersecurity, there’s no such thing as being too careful. Cybercrime is rapidly on the rise, and the average cost of a security breach has shot up to over $13 million in recent years. 

What’s more, antivirus and antimalware programs aren’t enough anymore to protect your company from increasingly sophisticated threats. Statistics show that 52% of breaches featured hacking, 28% involved malware and roughly 33% included phishing or social engineering, respectively.

If you plan on keeping your business secure, there are a few steps to follow. 

1) Know what you need from your cybersecurity 

Every viable cybersecurity strategy is designed to achieve two things. Firstly, it should protect your business from external threats. Secondly, it should minimize the risk of negligent employees exposing your sensitive data to hackers. 

To get started, it’s a good idea to download or create a planning tool. This will allow you to note down your cybersecurity goals and how you plan on achieving them. You can revise this plan if necessary and set new goals as you go along.  

2) Establish threats and risks

Make sure you understand the impact of any disaster, be it a security breach or a malware infection, on your operations. Prepare for as many eventualities as possible and review the threats to your business regularly. 

3) Set targets for maintenance 

Update your antivirus and antispyware software regularly, and set up your systems so they automatically download crucial patches when they become available. Maintain your hardware and replace or repair faulty equipment when necessary. 

Make it a goal to change passwords regularly and always monitor access to your wireless network for any suspicious activity.   

4) Schedule backups 

Make sure that you back up important data and system processes at regular intervals. Automate these backups where possible so you don’t forget about them.   

First, decide how frequently you’ll back up data and where you’ll store it, such as in the cloud or in hard copy. Make sure you comply with privacy laws and other sector-specific regulations. 

5) Don’t forget employee training

Your employees are key to ensuring that your cybersecurity strategy is a success. Set training goals and review employee understanding of cybersecurity issues on a semi-regular basis. 

When setting training goals, set out a manageable schedule for cybersecurity training and a plan for monitoring adherence to cybersecurity processes. 

6) Seek expert advice

IT managed services providers are best placed to help you devise effective cybersecurity goals that suit your business needs and your budget. If you’re unsure how to get started on a cybersecurity strategy, or if you’re worried that your current strategy isn’t working, it’s a good idea to seek professional help.  

Staying protected

Although every business is unique, there are some cybersecurity goals common to them all. Ultimately, keeping company data secure from evolving and existing threats should be a priority for every business going forward. For more information on developing a cybersecurity strategy that suits your business, contact us today.