Addressing the Threat of Embedded Media
Most of the companies we speak with have adequate policies and procedures in place for handling data erasure and equipment disposal, such as the shredding of hard drives. However, many businesses are completely unaware that they are constantly at risk of exposure due to embedded media. Their efforts to prevent the threat of embedded media are either non-existent or insufficient. Often times our customers do not know know where embedded media is located within their physical equipment, nor do they know how to correctly erase the information. Our customers need to prove the embedded media has been completely eliminated when faced with an audit.
For example, many businesses assume that when they shred the hard drive, all data security issues are eliminated. Unfortunately, physically destroying hardware is insufficient. In fact, the DRAC (Dell Remote Access Card) in the back of the server, which usually contains IP addresses and credentials, is considered an exposure risk. The sensitive information can be hacked and used as an an initial entry point to your network. The vulnerability is a major risk for your business. From IP Phones to wireless devices to smart UPS and PDUs, the key to your company’s network is oftentimes not on hard drives, but in the form of embedded media providing network credentials. Thanks to the Internet of Things (IoT), information is now embedded everywhere, but the risk profile has also increased. Knowing where your risk lies is a crucial insight for any business in today’s tech driven world.
At CRUSA, we have developed a process to mitigate risk and ensure that your business does not become the next target for a security breach. We create a comprehensive plan for secure IT asset disposition, which includes policies and procedures for erasing hard drives AND embedded media. To learn more, download our free white paper on embedded media here.