Dumpster diving is the legal practice of searching through trash, whether it be commercial or residential, to find valuable information. This may sound like a sick thing to do, but many companies have dealt with serious data breaches as a result of someone braving the smell of trash. What do dumpster divers look for? The following list will give you an idea:
Phone lists: Useful for conducting social engineering attacks. Memos: Can give someone an idea of what is going on within an organization, such as new product plans. Calendars of events: A possible intruder can find out travel dates, or future events that will keep employees away from their systems so that gaining access will be easier. System manuals and packing material: Finding these items will give an intruder an idea about the systems that are in use, making preparation for the attack easier. Printouts: Source code, customer lists, account names and numbers, employees, network maps, and utility bills will give an intruder valuable information that can be used in a variety of ways. Disks, tapes, and CD-ROM's: These types of media usually contain sensitive information that is rarely if ever wiped clean before discarding.Before discarding information in paper form, it is always a good idea to shred the documents. One thing I like to do is to throw away half of the document in one trash bag and the other half in another bag just to make sure that no one will put them back together. One thing you can do to make it harder for someone to read personal information is to use a black marker to mark through names, addresses, phone numbers, and email addresses. This adds security when shredding.
All system manuals and network plans need to be taken to a professional shredding service, or contact a mobile shredding service. These type of documents do not need to be in the wrong hands, as they will make the intruders job a lot easier.
All media, whether it be cd-rom's, tapes, or disks need to be wiped clean before being thrown away. Software that can do this is abundant online. Another way to make the information unreadable is to physically destroy the media. Breaking them into several pieces will ensure that no one will access the information. If you aren't the physical type, simply running a magnet over the disks or tapes will usually do the trick.
For the individual, common sense will usually take care of most of these issues. Simply running a marker over your personal information and shredding it will deter most criminals, since they seek the easiest route to the information. As explained earlier, discard documents in several different bags. This will make putting two and two together more difficult.
Changing Your Password To Improve Your Website Security How To Keep Users and Data Safe On The Web Reality Overtakes Fiction: We Are Already at War, Albeit Electronic, But War All the Same Protect Your Privacy With Reputation Management An Explanation of CISPA for Small Businesses
0 comments:
Post a Comment