Hardware

Is your hardware keeping your data safe?

Introduction.

If your work laptop is stolen, what do you think is worth more to the thief, the laptop itself, or the data contained within?

With such a vibrant marketplace for business data on the Dark Web, it’s increasingly becoming the latter. And it’s a lot cheaper to replace a laptop than to pay a ransomware demand or a fine for losing customer data.

So if a hacker did get access to one of your devices, how easy would it be for them to steal your data?

What business hardware is at risk?

Laptops and desktops

When thinking about cyber security it can be easy to concentrate all your attention on protecting yourself against online thieves, and forget about what might happen if your important business devices were stolen by traditional analogue theives.

But theft does happen, and according to some reports, almost half of stolen business laptops result in a data breach.

“It’s OK. My computer’s locked”.

That’s great. Password protection will stop a snooper or casual hacker from accessing your device. But determined professional hackers are full of tricks like this one:

Besides, the password only locks the user our of the operating system. If your data is on the hard drive, the hacker can just take your hard drive out to probe with specialist software.

Servers.

In most cases, your servers play a central role in running your business. A stolen laptop is an inconvenience, but a stolen server is a major problem.

Even if you can run without it, or have backups or a cloud hybrid setup, your server will probably have huge reams of critical business data contained within. What will happen if the theives can gain access to it?

Even more of a problem than a server being physically stolen is a server that has being hacked, but the hackers lay dormant, stealing your data from under your nose.

Other devices.

And when it comes to laying dormant within your network, leaking your data secrets, pretty much any device that has the right access permissions can do that job.

So-called Inter of Things (IoT) devices have had their share of scrutiny recently as simple routes onto business networks for hackers.

These are often small and simple devices like smart doorbells or wifi access points that are super simple to set up. So simple, in fact, that they are often left on their default settings, but with an open connection to both your network and the internet, making them easy to hack.

Once hacked they can sit dormant scanning your network traffic, stealing data and account details, or even launching cyber attacks on others.

How can I improve my hardware security?

Encrypting devices and data

Encrypting data at rest (when it is stored) is a simple and cost-effective way to make it much, much harder for cyber criminals to access your data. 

Programs can easily be installed on every device to encrypt any data stored on your machine, and many of the services you use will already be using, or be able to enable, encryption at rest.

Multi-factor authentication.

The simplest way for hackers to breach your security is simply to guess your passwords. This can be done by computers at a phenomenal rate, so even complex passwords can potentially be guessed.

Multi-factor Authentication (MFA) introduces a second method of identification, so no password alone can gain access, especially to administrative accounts.

Mobile Device Management (MDM).

Any device that is routinely taken out of the office, such as laptops and phones, are an increased security risk.

Mobile Device Management (MDM) services and software can offer a range of tools to increase device security:

• Encryption of data
• GPS location of devices
• Remote lock and/or wipe of lost devices
• Blacklisting of non-approved apps
• Preventing device use outside of approved areas.

Disposal, Deletion and Destruction

Yes, the famous 3 Ds (they’re not famous, I’ve just made them up). But still, what happens to your old devices when they are replaced?

Even after a factory reset, or even if the computer is faulty, your devices can still contain traces of important data, so it’s important to take end-of-life security just as seriously as in-life security.

All your old devices should be properly disposed of to ensure their data is entirely wiped and, ideally, that the devices can be properly recycled.

I now understand…

• How my IT hardware can expose my business data
• How I can ensure my hardware isn’t easily exposing my business data.