Lapses in PC Disposal Security Put Data at Risk

CIO Insight Staff Avatar

Updated on:

Protecting PCs doesn’t stop when they are still being used by employees; it

continues to the very end of a machine’s life — the day when it heads to the

dump.

This was underscored recently by

a NASA audit that revealed a number of security failures connected to

machines slated for disposal. At NASA’s Ames

Research Center

in California for example, there

was no “sanitation verification testing” for PCs at the end of their

life cycle. The situation was found to be the same at the Lyndon

B. Johnson Space

Center in Texas.

And the audit also found that 10 computers from the John

F. Kennedy Space

Center in Florida

had been released to the public despite failing sanitation verification tests — meaning

they had not been properly wiped. Four other computers that failed the

tests were confiscated by the auditors when they found the machines

were being prepared for sale or release to the public.

“When we tested the confiscated computers, we discovered that one

contained data subject to export control by the International Traffic in Arms

Regulations (ITAR),” according to NASA’s
report (PDF).

For more, read the eWeek article: Weak PC Disposal Processes Hurt Security

CIO Insight Staff Avatar