This is the seventh post in a series about data breaches you can prevent. Weâ€™ve covered Phones and Personal Computing Devices, Your Browser, Your Inbox, Your Thumb and External Drives, Your Old Computer, and Your Cloud Backup. Finally, weâ€™ll discuss Your Network Drives.
Most companies have an internal corporate network with one or more shared network drives. If your company network drive is typical, itâ€™s a layered mess of multiple naming conventions, files from employees who havenâ€™t been around for years, and old documents with unrecognizable file extensions. Frankly, itâ€™s impossible for anyone to know exactly whatâ€™s there.
Sometimes breaches happen when the internal network is not properly segregated. Only individuals or departments with a â€œneed to knowâ€ should have access to sensitive information. The Human Resource department should never have access to trade secrets, while the R&D department shouldnâ€™t have access to HR data. The Executive team should have access to confidential client information, while that information might be best kept away from the Sales department.
Aside from inappropriate network segregation network drives, like all computer devices, are eventually replaced. Old hard drives are sometimes donated to schools, sold on Ebay, thrown away, recycled through Best Buy or a similar program, or just stored and forgotten.
Several researchers, including Simpson Garfinkle, have demonstrated that with a small budget you can recover hundreds of thousands of pieces of personal information from used hard drives. Like other computing devices, old network drives must be scanned and completely wiped of all sensitive personal information before they leave your possession.
Remember the fundamentals rules of all data breaches: 1. If you donâ€™t have it, you canâ€™t breach it. 2. Old, forgotten data is dangerous data. Regularly scan these seven types of devices for personal information so that your next breach doesnâ€™t originate from your own computer.