
MANAGEMENTocean.otr.usm.edu/~w300778/is-doctor/pubpdf/cpaj2004.pdf · 2005-10-31 · recovery software to undelete files and then examine the contents for confidential infonnation.

Jul 26, 2020


MANAGEMENT
information systems

By Dale L. Lunsford, Walter A. Robbins, and Pascal A. Bizarro

In August 2002, the United States Veterans Administration Medical Center in Indianapolis replaced approximately 140 desktop computers with new models. Some of the old computers were donated to educational institutions and the state of Indiana, while others were sold on the open market. It was later discovered that many of the old computers contained a wealth of sensitive medical and financial information on their hard drives. The new owners found information identifying VA patients with AIDS and mental health problems, and government credit card numbers that the Indianapolis facility had used. Three computers wound up at a local Indianapolis thrift store, where they were purchased by a TV reporter.

This fiasco is not the only incident of confidential information being inadvertently made available through the retiring of old computers. Consider the following cases:

- The Pennsylvania Department of Labor and Industry sold old computers that contained "thousands of files of information about state employees."
- The consulting firm of Dovebid auctioned off old computers that contained confidential client information.
- A used computer sold in Purdue University's surplus equipment exchange facility still had a database containing the names and demographic information of applicants to the school's Entomology Department.
- In Pahrump, Nevada, someone purchased a used computer system and discovered that the prescription records of over 2,000 patients from a local pharmacy were still on the hard disk. Included were the patients' names, addresses, Social Security numbers, diagnoses, and medications.

It is important for organizations to understand that if sensitive or confidential data are not properly removed from computers prior to disposal, the organizations risk unauthorized information disclosure that can lead to economic loss, a damaged reputation, civil liability, and even criminal liability. Rapid advances in technology have magnified this risk by requiring companies to replace computer systems, both desktop and notebook computers, more frequently. A recent study found that approximately 150 million hard-disk drives were retired in 2002, up from 130 million in 2001. Unfortunately, the techniques most people use to remove information from computer equipment before retirement are inadequate and fail to ensure information privacy.

Areas of Danger

Cyber-criminals generally look for information in five areas of a salvaged computer: deleted files, recovery partitions, configuration files, password storage, and special hardware devices.

Deleted files. When disposing of an old computer, users will often delete all files containing confidential information. Deleting files, however, does not actually remove a file's information from the hard disk; it only rewrites the metadata pointing to the file's location. The disk blocks containing the file's contents remain intact and vulnerable to cyber-theft.

A cyber-criminal will often use file recovery software to undelete files and then examine the contents for confidential information. Even if the computer user has reformatted the disk or removed the drive partitions, the cyber-criminal can use simple, inexpensive unformatting and partition recovery software to recover data considered destroyed.

In addition to user-maintained files, confidential data may also exist in cached files and application-generated backup files. These are files that are often overlooked when retiring old computers. File caches are located in operating system directories or hidden locations to prevent accidental deletion. Many computer users are not aware that application programs often store backup files in the same directories where the applications are located. Most cyber-criminals, however, know exactly where to look.

Recovery partitions. In personal computers, the operating system, ...

Some data recovery tools, such

backup copies of personal files
them from unexpected data loss.

den, users may
copies of files contained in them,
them available to future users.


Configuration files. All software includes a number of configuration options that determine how the software works, which features are available, and other information intended to simplify the user's life. Microsoft Windows 95 consolidated all operating system configuration information in a central database called the registry; application configuration information is stored in initialization files. Ideally, by putting this configuration information in one database, configuration settings common to all applications need be stored only once, installation of applications is simplified, and the system is more stable.

Unfortunately, the registry and initialization files provide substantial details about the configuration of the hardware, the operating system, and applications, as well as the location of application files and network resources. Consequently, these files serve as a rich source of useful information. More important, information in the registry and initialization files can provide information about the security measures employed by the company and about the organization of files on servers.

Passwords. Many users find it difficult to remember all of the login information (e.g., usernames, passwords) needed to access e-mail, applications, databases, and websites. To relieve users of this burden, many programs allow users to store login information so that they won't have to remember it. Often the operating system or applications store identifiers and password data in the operating system's registry or application-specific configuration files. Popular web browsers offer to remember passwords to websites, which can include the password to the company's intranet.

Many applications encrypt passwords, but developers often do not use strong encryption techniques to protect passwords. If the encryption technique used is weak, or the user selects a poor password, cyber-criminals can use password recovery software to access sensitive information.

Special hardware devices. Hardware installed in a computer can provide a cyber-criminal with important information about the network architecture and security measures used by a company. For example, a wireless network card or authentication hardware might alert a cyber-criminal to special security measures or encryption keys.

Preventive Measures

Measures can be taken to prevent future users of retired or discarded computer systems from accessing a company's sensitive or confidential information, as well as information about its network architecture and security measures. Individual users can use this process when moving to a new computer. An information technology department can implement the process as a standard procedure each time the department retires a computer from service. The process consists of four steps: archiving of data; file transfer; sanitization; and hardware removal. (See the Exhibit.)

[Exhibit: flowchart of the process. Legible box labels: Create Archive of Documents; Move Documents to New Computer; Wipe Old Computer; Remove Sensitive Hardware from Old Computer. Legible step markers: Step 2, Step 3a, Step 3b, Step 4.]

Archive data files. The first step is to make a backup copy of all data files contained on the computer. This task can be difficult because of how applications store data. By default, most Microsoft applications store files in a directory called "My Documents." Other applications use this directory, create their own directories, or save files to the location where the application is installed. Because files are located in different areas on the hard drive, tracking them can be a challenge. Backing up files can provide an occasion to reorganize data storage in a more efficient way. When backing up files, use a disk-imaging program to make a copy of all files to a high-capacity removable disc (e.g., a CD or DVD). Applications for performing this task include Norton Ghost, Paragon Drive Backup, Novastor InstantRecovery, and Acronis True Image, as well as other commercial, shareware, and freeware products.

File transfer. After backing up the files, the next step is copying them to the new computer. There are packages that provide all of the software and hardware necessary to transfer all computer settings and data, along with personal files and folders. Once the copy process is finished, all files, including operating system files, must be deleted from the old computer. Deleting is only the first step, however; the computer drive must now be sanitized.

Sanitization. Sanitization is the process of wiping clean all data stored on a computer hard drive. There are three methods for sanitizing a computer: disk shredding, disk degaussing, and disk wiping.

Disk shredding. Disk shredding is the process of physically shredding a disk to render it unusable. This method is the most secure way of destroying data on a disk, but it requires a technician with special equipment to carry it out.

Disk degaussing. Disk degaussing is the process of exposing the disk to strong magnetic fields to destroy its contents. This method eliminates any data still on the disk. A technician must disassemble the disk before degaussing it, using special equipment that can damage or destroy other components if improperly used or stored. The disk must also be reformatted by a manufacturer before reuse.

Disk wiping. The final method, disk wiping, sanitizes the hard disk by removing its current data and replacing it with random characters. Using this method requires special but inexpensive software. The method is appropriate for most kinds of data, though perhaps not top-secret information. It can be performed by most users or in-house IT personnel.

As shown in the Exhibit, disk wiping consists of two major steps: booting the computer from a diskette, and wiping the disk clean. Before starting the disk sanitation process, all necessary files must be successfully copied either to a new computer or to a permanent archive.

Microsoft Windows and other operating systems generally do not permit the deletion of critical operating system files. Deleting these files requires booting the computer from a diskette. In some cases, the disk-wiping software includes a utility to create a bootable diskette with all of the necessary software; if not, Windows can format a diskette as a start-up disk. The instructions included with the wipe-disk product selected should identify any files that must be copied to a start-up diskette. (This disk should be clearly labeled so that it is not accidentally misused on an active computer.)

After the computer has been booted from the diskette (not the hard drive to be erased; most machines will automatically boot from a start-up diskette if one is inserted), the wipe-disk program must be run. Wipe-disk programs are generally either command driven or menu driven. Either way, the user will have to specify the drive to be wiped. The time required for the program to execute the wipe can vary substantially depending upon the age and capacity of the drive.

Remove sensitive hardware. Because the disk-wiping program removes all files from the computer, including data files, applications, and operating system files, this significantly reduces the likelihood of a cyber-criminal gaining access to sensitive information. For extra security, the IT department should remove any add-in hardware related to the company's local area network and security systems before disposing of the computer.

Dale L. Lunsford is an associate professor of computer information systems at High Point University, High Point, N.C. Walter A. Robbins is a professor of accounting at the University of Alabama, Tuscaloosa, Ala. Pascal A. Bizarro is an assistant professor of accounting at the University of Mississippi, Jackson, Miss.

JULY 2004 / THE CPA JOURNAL
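Added example (not part of the original article or any product it names): a post-wipe check for the disk-wiping method described above, which overwrites the drive with random characters. It scans a file-backed disk image block by block and reports any block that still looks like data instead of random fill, which is also what a "deleted" file's intact blocks look like. The block size, entropy threshold, 24-byte run length, function names, and sample record are all assumptions made for this illustration.

```python
import math
import os
import re
import tempfile

BLOCK = 4096  # assumed block size; the image length is a multiple of it
# Heuristic: 24+ consecutive printable bytes almost never occur in random fill.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{24,}")
SAMPLE = b"Patient: EXAMPLE, PAT  SSN: 000-00-0000"  # constructed, not real data


def entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte (about 7.95 for 4 KiB of random data)."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in map(block.count, range(256)) if c)


def wipe_image(path: str) -> None:
    """Overwrite every block of a file-backed disk image with random bytes."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for off in range(0, size, BLOCK):
            f.write(os.urandom(min(BLOCK, size - off)))
        f.flush()
        os.fsync(f.fileno())  # push the overwrite past the OS cache


def residual_blocks(path: str, min_entropy: float = 7.0) -> list[int]:
    """Offsets of blocks that still look like data rather than random fill."""
    suspect, off = [], 0
    with open(path, "rb") as f:
        while block := f.read(BLOCK):
            if entropy(block) < min_entropy or PRINTABLE_RUN.search(block):
                suspect.append(off)
            off += len(block)
    return suspect


def demo() -> tuple[list[int], list[int]]:
    """Plant one leftover record in an 8-block image, scan, wipe, scan again."""
    blocks = [os.urandom(BLOCK) for _ in range(8)]
    blocks[3] = SAMPLE + blocks[3][len(SAMPLE):]  # a "deleted" file's contents
    fd, path = tempfile.mkstemp(suffix=".img")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(b"".join(blocks))
        before = residual_blocks(path)
        wipe_image(path)
        return before, residual_blocks(path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())  # ([12288], [])
```

An empty result after the wipe is the evidence to record before the machine leaves the organization; any reported offset means the wipe did not cover that block and must be repeated.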