614-322-2222 or 877-770-8324

The data on the failed of decommissioned data bearing devices and systems is very accessible to any insider threat.

Sep

13

The data on the failed of decommissioned data bearing devices and systems is very accessible to any insider threat.

This is a very good article about the Zero Trust Security Model. Many datacenters and enterprise offices have some very valuable data that is sitting on shelves or pallets that still contain 100% of the data when powered down a few days before. When doing assessments, we go inside an unguarded or poorly guarded datacenter that anyone could enter after logging into a kiosk and entering an employee and company name that matches what is in their database. Nothing else. Even though the datacenter has gates, walls, and entry portal, any clever person can enter their secure domain to do service for any other smaller company and stay on premise the entire day. And be within inches of the intended target. As assessors, we would have to say, even though many organizations have a policy to watch the visitor, it typically only lasts a few minutes.

The inside person picks up the solid-state cards or drives, replacing them with fake worthless decoys. When the technician is checked leaving the datacenter which only happens 10% of the time, they show the untrained security guard the solid-state cards or hard drives for the service call and the perpetrators leave the facility with the commandeered data bearing devices. It doesn’t make a difference whether it is solid state cards or hard drives, which are often kept inside unsecured blue plastic bins. As the assessment continues, most companies in the US cannot account for their data bearing devices, and they also fail to report the loss of system data to their managers. So, the Zero Trust Security Model would help those companies develop a better layered security approach to guard their unprotected data.

The data on the failed of decommissioned data bearing devices and systems is very accessible to any insider threat. In the Zero Trust Security Model (ZTSM), organizations learn to create system polices that have multi-layered and monitored approaches. When you do, you have the TechR2 Tear-A-Byte® and Tear-A-Vault® systems. The only ZTSM system in the EoL industry.



  • Providing complete “Cradle to Grave” data eradication solutions, sound experience, industry best practices and resources to support you.


    Why risk it? Get started today! Call 614-322-2222


  • About An Industry Leader

    TechR2 is the only company in the industry that has earned a US patent for its Track-Contain-Destroy-Verify data security process, is OEM approved, upholds critical ISO certifications, and is recognized for compliance with GDPR, NIST and all governmental regulations concerning data destruction, including ISO 27001, ISO 14001, ISO 9001, and ISO 45001.