Four in ten companies 'unsure' what data old PCs contain
Many large UK companies are failing to ensure that confidential data is destroyed when their IT equipment reaches the end of its working life, putting their own staff, customers or partners at risk of fraud, or further serious security breaches.
A growing body of evidence points to widespread poor practices when it comes to disposal of equipment. The most recent findings, from Osirium, suggests that around 40% of organisations are not confident that all data is deleted before disposal. The research also claims that in finance and retail sectors around 7% of organisations don’t delete data at all. Such practices are clearly in breach of data protection responsibilities set out by the Information Commissioner’s Office.
This general picture is supported by research carried out by Computer Aid International, the charity that encourages re-use of equipment in developing countries. The charity found that 39% of the UK’s largest companies do not wipe all data from their unwanted PCs. Perhaps this might not be so bad if they were confident about where this equipment goes, yet just 43% of senior IT staff are confident that they can account for all their decommissioned PCs.
