Computer Security - What's Hiding In Your Closet?

By on

How's that for a catchy title?

This month, I want to address a subject that I have touched on lightly in a number of prior articles. It deals with this rapid change in technology that may never slow down. I'll just bet that some of you have been caught up in it and really need to take a close look at the rest of the story. You may have to look in your closet to do that. Let's take a peek, but first let's let Jack reminisce for a minute.

Back to 1980 again

If someone broke into my home and borrowed one or more of the floppy disks that I upgraded to, what would they get? The answer is, not much! Each formatted floppy disk would hold about 70Kb of data after formatting. That's less than 1/10th of a megabite of storage space. As a point of reference, each brief article that I send to SC Magazine each month in a MS Word document (like the one that you are reading now) is about 35Kb on an average. That's somewhere around 1,000 words which take up a lot more space when typed into a word processor for final formatting. Also notice that my articles have not had any imbedded charts, graphs or graphics, which would have made the document considerably larger. To sum up this very important point, back in the good old days of computing, the risks were somewhat less if our offline storage media were to fall into the wrong hands.

I shared that little walk back into my distant past for a reason. My 70Kb floppy disk was all brand new technology, and it would stay pretty much state of the art for about three years. As we entered the mid 80s, computers started to get faster. The IBM PC appeared on the scene, and the rest is history. My old TRS 80 has either been recycled to make trashcans or it's sitting in some closet somewhere.

That second option could be of some concern and it's the reason for the rest of this article.

Every six months or less!

As I said, my original computer was considered to be 'state of the art' for over three years. That may never again be possible considering today's rate of increase in computing technology. I've heard it said that today's technology takes a considerable leap about every six months or so. In my seminars, I frequently make a comment about computer hardware. If you can buy it, it's obsolete. I jokingly said that for the first time about nine years ago. It's no joke any more. That certainly doesn't mean that we shouldn't buy new hardware. Quite the opposite, it means that we will be buying new hardware much more frequently than we did in the past.

Here's the problem

As we progress from gigabyte disk drives on every workstation to terabyte disk drives on every workstation as well as every notebook computer, what will happen to all of that old data? Has it been properly removed to ensure that it can't be retrieved by the wrong people? How much of it is still accurate? How valuable would it be to your competitors? Would you even miss it if it were just sitting around in a closet somewhere before it disappeared?

This is a problem that won't be going away any time soon. I've watched it develop steadily over the past ten years. We are now at a point where everything that is important to most businesses probably resides on some hard drive somewhere. That drive will either break or be upgraded sooner or later.

I honestly believe that we will see terabyte disk drives very soon. (That's a trillion bytes of information.) If you would have even hinted at that back in 1980 when I was in heaven with my first 180Kb drive (A tremendous upgrade from those 70Kb drives) I would have never believed it possible. A one terabyte drive could hold almost 6 million of my little 180Kb disks. That's a lot of data!

For the rest of this article, I'd like to give you a few ideas about how to prevent those skeletons in the closet from coming back to haunt you.

Know what you have

A good asset inventory will help you in many ways. I have been involved in a few, and I know that maintaining an inventory is not fun. It's a lot of hard and constant work. This same asset inventory will be invaluable to you if you ever need it as a part of a disaster recovery effort (that will be another article). As fast as work stations (PCs) and notebook computers are coming into most companies, keeping track of them won't be easy. Start your tracking process tomorrow if you haven't already.

Get rid of what you no longer need

In some ways, this is more important than knowing what you are currently using. Outdated equipment tends to become the stuff that we stack in the closet. I have seen so much of it I decided to write this article about it. I'd be willing to bet that about 80 percent of the information sitting on those old (and forgotten) hard drives is still accurate.

If there is one thing that is preventing you from getting rid of those old liabilities it's the value that only you will place on them. Old used computers are a lot like old used cars. They have some value. With the hardware going through that technology change every six months, that old hardware is not worth as much as you would like to think. There are pricing books on used computers as well as used cars, and those used computer prices drop weekly in many cases. If that $2,000 computer brings ten cents or better on the dollar, you should probably consider it.

A quick war story

Several years ago, I went to a computer flea market. It was really interesting and I purchased a few interesting things there. One of them was an old tape drive that would work directly from the parallel port of any computer. I purchased it for $20 to give to my young son as a way to save the data from some of his computer games. His computer has a writable CD-ROM drive that he normally uses, but I wanted him to learn how those ancient tape drives used to work. (It was also being used as training device for teaching him the difference in speed between sequential and random access storage devices.)

He had 200 megabytes of data and this was a 250-megabyte tape drive. The class was going well (but very slow while waiting for the tape drive) when something strange happened. The tape drive stopped, and a message came up on the monitor that read "Tape FULL Insert next tape." How could that be? 200 megabytes should fit on a 250-megabyte tape shouldn't it? Not if that tape already contained 67 megabytes of customer information from its previous small business owner. Things like names, addresses, account numbers, telephone numbers etc. Not good!

Check those closets today!

Hopefully, it's not too late for you to check those closets and begin the process of getting rid of a lot of potential trouble. This is the kind of trouble that you may never know about until your customers mysteriously starting going away.

Until next time,

Stay safe out there.

Jack Wiles is president and co-founder of TheTrainingCo and is a 30+ year security veteran. He is also the MC of the annual International Techno-Security Conferences. You can email him at jack@thetrainingco.com or find out more about him by visiting www.thetrainingco.com/biojackwiles.html.

 

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?