This interesting article, called “Identity Theft Risks: Huge Amount of Sensitive Data Still on Redundant Computer Hard Disk” provides an overview of a research study to be published soon – warning about the risk of data left on devices to be decommissioned:
"Ongoing research to be published in the International Journal of Liability and Scientific Enquiry suggests that there is a huge amount of sensitive data still on redundant computer hard disks. These devices are often disposed of or sold into the second-hand market by corporations, organizations, and individuals with the data intact. The report's authors say that this data represents a significant level of risk for commercial sabotage, identity theft, and even political compromise, and suggest that better education is essential to reduce the risk of harm. ...
The 2007 study is being made available in its entirety through the International Journal of Liability and Scientific Enquiry. The team is now completing the 2008 analysis and will announce those results shortly as well. However, the initial results for the 2008 study show that there is still a long way to go regarding the decommissioning of computer hard disk drives. The team expects that the complete 2008 study will be made available for publication by the end of the year."
This is an area where “classic” identity management (based on control points) shows its limits. The explicit management of IdM strategic policies, related processes and risks should be a key part of “identity management”.
“Identity Analytics” could also be of some help here, to understand the implications of policies and possible strategic decisions (given specific IT and IdM frameworks), along with exploring investment trade-offs.
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment