Donating devices like laptops, phones, and flash drives may seem like a noble thing to do—after all, it’s good for the environment and makes devices available at a lower price point for people who may not otherwise be able to afford them. However, device recycling can pose a serious and often overlooked security risk. Device security is a concern that has to be addressed before donating so you can trust that your personal information will remain protected.


In a 2019 report, security operations company Rapid7 revealed the dangers of recycling and discarding devices. Researcher Josh Frantz visited 31 businesses that sold refurbished computers and accepted donated hardware, spending $650 on 85 devices. He then set out to extract data from them. The results were astonishing and alarming: Out of 85 devices, only two had been wiped properly and only three were encrypted. He found over 366,300 files and managed to extract email addresses, Social Security numbers, dates of birth, credit card numbers, driver’s license numbers, phone numbers, and even a couple of passport numbers.

Imagine the havoc someone could wreak with all that information—it could open you up to credit card fraud, ID theft, doxxing, and more. Moreover, tests run by Limited Results found that discarded low-cost IoT devices can be used to acquire wireless network passwords, which may enable a hacker to gain entrance to an otherwise secured network.

Discussions involving device security tend to focus on what to do while your device is in your possession. Protecting devices with passwords, using a password manager to store secure login information, and using caution with open WiFi networks are all good measures. However, as the Rapid7 report shows, the risk doesn’t end when you retire your old tech for the latest model.

Recycling devices can put your personal data at serious risk, as the machines may still contain thousands of files of personal information, and resellers that promise to wipe them may not live up to that promise. Anyone who plans to recycle, resell, or donate a device must take the task of wiping it into their own hands.


Wipe the system

A factory reset may seem like the quickest and easiest way to erase all data from your device, but unfortunately, it’s not that easy. Data can stay on discarded devices and drives for years, even after a factory reset. Luckily, with a little extra effort, you can keep your data safe and unrecoverable.

There are a number of applications out there to wipe a hard drive or SSD. For Windows, Eraser is a popular choice, and Digital Trends has a good guide for how to use it. Another popular option is to erase a hard drive using Darik’s Boot And Nuke, also known as DBAN, a free data destruction program that completely erases all the files on a hard drive (see Lifewire’s guide on DBAN). Other similar programs include CBL Data Shredder, MHDD, PCDiskEraser, and KillDisk. There are dozens of free data destruction software programs out there, so find the one that works best for you. If you’re looking to wipe solid-state drives or multiple disks in a RAID, Digital Trends recommends PartedMagic.

Once you’ve wiped the hard drive, remove it from the device and destroy it thoroughly. This may seem extreme, but data could still be extracted from the device unless it is physically destroyed. Frantz recommends using a hammer, industrial shredder, drill, incineration, acid, electrolysis, or—if you’re really committed—thermite. Just make sure to do this safely and use appropriate gear, like goggles and gloves.
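An added example (not from the original article or from Rapid7): a read-only check to run after the wipe step, before the drive leaves your hands. It assumes the wipe tool's final pass writes zeros; `audit_image`, the two patterns and the sample image are constructed for illustration.

```python
import re

SECTOR = 512
# Patterns for the kinds of records the Rapid7 test recovered (illustrative, not exhaustive).
PATTERNS = {
    "email": re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "ssn_like": re.compile(rb"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)"),
}
TAIL = 64  # bytes carried between chunks so a match spanning a boundary is still seen


def audit_image(path, chunk_size=SECTOR * 2048):
    """Read a raw image or block device (read-only) and summarise leftover data."""
    nonzero, total, first = 0, 0, None
    hits = {name: set() for name in PATTERNS}
    tail = b""
    with open(path, "rb") as dev:
        while chunk := dev.read(chunk_size):
            for i in range(0, len(chunk), SECTOR):
                sector = chunk[i:i + SECTOR]
                if sector.count(0) != len(sector):  # any byte that is not zero
                    nonzero += 1
                    if first is None:
                        first = total * SECTOR
                total += 1
            window = tail + chunk
            for name, rx in PATTERNS.items():
                hits[name].update(rx.findall(window))
            tail = window[-TAIL:]
    return {"sectors": total, "nonzero_sectors": nonzero,
            "first_nonzero_offset": first,
            "hits": {k: sorted(v) for k, v in hits.items()},
            "clean": nonzero == 0}


def build_sample_image(path, wiped):
    """Constructed test input: a 4 MiB image, optionally with a leftover record."""
    with open(path, "wb") as img:
        img.write(bytes(4 * 1024 * 1024))
        if not wiped:
            # Placed across the 1 MiB chunk boundary on purpose (constructed data).
            img.seek(1024 * 1024 - 10)
            img.write(b"mail=jane.doe@example.com;ssn=078-05-1120;")
```

Point `audit_image` at a raw image file or a block device path you can read. On an SSD this covers only the logically addressable sectors, not remapped or over-provisioned blocks.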


Consider sustainability-as-a-service

Another way to retire tech securely is partnering with an organization that safely and responsibly recycles it. As an individual, you should conduct due diligence before donating a device to find out the resellers’ security practices. As an enterprise, find a reputable service provider that can help recover, repurpose, or recycle tech with device security as a priority.

Since 2016, HP has recycled 271,400 tons of hardware and supplies and continuously made device security a priority through its Device-as-a-service (DaaS) offering, which includes end-of-use services to help your organization sustainably prepare for a technology refresh. HP’s sanitization service permanently destroys the storage media in accordance with the latest industry standards, reducing the workload on your organization and providing peace of mind.

Certificate-based authentication is the use of a Digital Certificate to identify a user, machine, or device before granting access to a resource, network, application, etc.  In the case of user authentication, it is often deployed in coordination with traditional methods such as username and password.


One differentiator of certificate-based authentication is that unlike some solutions that only work for users, such as biometrics and one-time passwords (OTP), the same solution can be used for all endpoints – users, machines, devices and even the growing Internet of Things (IoT).

Why Is Certificate-Based Authentication Used?

Ease of deployment and ongoing management

Most certificate-based solutions today come with a cloud-based management platform that makes it easy for administrators to issue certificates to new employees, renew certificates and revoke certificates when an employee leaves the organization. Solutions that integrate with Active Directory can make the enrollment and issuance process even easier, by enabling auto enrollment and silent installations.

Unlike some authentication methods like biometrics or OTP tokens, there is no additional hardware needed.  Certificates are stored locally on the machine or device. This not only saves on costs, but can also alleviate management pains around distributing, replacing and revoking tokens.


User-friendly

There’s always a tradeoff between increasing security and the costs involved and burden on end users. Most people don’t think of it, but using certificates is very easy for end users. After the certificate is installed (and in some cases, this can happen automatically), there is nothing further to be done. Additionally, most enterprise solutions already support certificate-based authentication.

Leverage existing access control policies

You can also easily leverage existing group policies and permissions to control which users and machines can access different applications and networks.  This way you can ensure only privileged users can access sensitive or critical operations.

Mutual authentication

Another benefit of certificates is that they allow mutual authentication, meaning both parties in a communication identify themselves, whether that communication is user-to-user, user-to-machine, or machine-to-machine. For example, a client must prove its identity to a company intranet and the intranet must prove its identity to the client before a connection can be made.
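An added example (not from the original article or any vendor's product) of the server-side decision once a mutually authenticated TLS connection is up: the client certificate is mapped to existing groups, and revoked certificates are refused, as described in the sections above. It takes the dictionary that Python's `ssl.SSLSocket.getpeercert()` returns; the group table, policy, serial numbers and names are hypothetical.

```python
import ssl
import time

# Hypothetical directory data standing in for existing groups and permissions.
GROUPS = {"alice@corp.example": {"finance"},
          "bob@corp.example": {"finance"},
          "kiosk-017.stores.corp.example": {"kiosks"}}
POLICY = {"ledger": {"finance"}, "payments-api": {"kiosks"}}
REVOKED_SERIALS = {"0B2C"}  # constructed: Bob's certificate, revoked when he left


def identities(cert):
    """Names asserted by a certificate in ssl.SSLSocket.getpeercert() dict form."""
    names = {v for kind, v in cert.get("subjectAltName", ()) if kind in ("DNS", "email")}
    if not names:  # fall back to the subject common name
        names = {v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"}
    return names


def authorize(cert, resource, now=None):
    """Return (allowed, reason); the TLS layer has already verified the chain."""
    now = time.time() if now is None else now
    if not cert:  # getpeercert() is empty when no validated client certificate exists
        return False, "no client certificate"
    if cert.get("serialNumber") in REVOKED_SERIALS:
        return False, "certificate revoked"
    start = ssl.cert_time_to_seconds(cert["notBefore"])
    end = ssl.cert_time_to_seconds(cert["notAfter"])
    if not start <= now <= end:
        return False, "outside validity period"
    groups = set().union(*(GROUPS.get(n, set()) for n in identities(cert)))
    matched = groups & POLICY.get(resource, set())
    if matched:
        return True, "allowed via " + ",".join(sorted(matched))
    return False, "identity not in a permitted group"


def sample_cert(name, serial, kind="email"):
    """Constructed certificate dict, valid 15 Jan to 15 Dec 2024."""
    return {"subject": ((("commonName", name),),),
            "subjectAltName": ((kind, name),),
            "serialNumber": serial,
            "notBefore": "Jan 15 00:00:00 2024 GMT",
            "notAfter": "Dec 15 00:00:00 2024 GMT"}
```

On the server, `getpeercert()` only returns a populated dictionary when the `SSLContext` has `verify_mode = ssl.CERT_REQUIRED` (or `CERT_OPTIONAL`) and the client's certificate validated against the trusted CA.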

Extending to external users

Certificates are also easy to roll out to users outside of your organization (e.g. partners, independent contractors and freelancers) who may need to access your networks. They won’t need additional software on their local machine and the ease of use means you won’t need to provide much additional training.


How Is Certificate-Based Authentication Used?

Certificate-based authentication is quite flexible and can be used in a number of ways, but here are some of the most common use cases we hear from our customers. You’ll notice the common theme with all of these and certificate-based authentication in general, is to allow access only to approved users and machines and prevent unauthorized users or rogue machines.

User authentication

  • Windows Logon
  • Accessing corporate email, internal networks, or intranets
  • Accessing cloud-based services, such as Google Apps, SharePoint and Salesforce

Machine and device authentication

  • Identifying on-location/in-field machines that need to communicate with back-end services (e.g. payment kiosks located in convenience stores)
  • Identifying all employee laptops and mobile devices before allowing access to WiFi networks, VPNs, Gateways, etc.
  • Identifying all servers within the enterprise to enable mutual authentication

The mobile phone has evolved to become one of the most frequently used technological devices in the modern era. As individuals, our use of mobile phones touches nearly every aspect of our daily lives. It’s a communication device, a media device, an internet browser, a source of entertainment, a purchaser of goods and services—the list goes on.


The versatility of our phones is a great thing, but it has also increased our dependence on them which, in turn, exposes us to some of their vulnerabilities. Practicing strong cyber security is the best way to keep yourself protected from these risks so we thought we’d share a few tips to help you protect your mobile phone.

1. Set up your screen lock immediately

The first thing you should do whenever you get a new phone is to set up a screen lock. This seems like an obvious step but you’d be surprised how often it’s overlooked or how long it takes for people to do. If you happen to misplace your phone before doing so, an opportunist who happens to come across it could easily take advantage.

These days, there are a number of different methods to lock your phone, including PIN, pattern, fingerprint, iris scanning and facial recognition. There are even things like Intelligent Scan (used by Samsung) that choose between facial and iris recognition depending on the conditions around you.

It’s also important to make sure your phone has its auto-lock feature enabled. Android phones typically have this set up to activate 5 seconds after sleep mode kicks in, while an iPhone does this after 2 minutes (but can be changed to 30 seconds, which we recommend).

2. Install antivirus software

While most people protect their desktops and laptops with antivirus software, very few do so with their mobile phones. When you consider how much web browsing is now done on our mobiles, failing to protect in the same way you would your laptop makes little sense.

This is especially important if you do a lot of travelling and connect to public WiFi networks, which are particularly susceptible to intrusion by way of malware (more on this later). If you’ve got kids using the phone, it also gives them an extra layer of protection.

There’s a wide range of mobile antivirus apps that you can download, many of which are free and will have minimal system impact on your operating system.

3. Keep your operating system (OS) updated

Hackers are constantly looking for security vulnerabilities through a phone’s operating system and the complexities of system programming mean there are always some to be found.

Android and Google commit a huge amount of resource in identifying these vulnerabilities and developing security patches and fixes to eliminate them. Making sure you find time to install these updates as and when they become available is therefore critical to keeping your system secure.

Another good reason to keep your OS updated is that these patches not only fix security vulnerabilities but also often add new features to your phone too.


4. Back up your data

Given how much important personal data is now stored on our phones, it’s important to keep a backup of your data, should it for some reason be lost. As a matter of fact, best practice typically advises that you back up your data in multiple ways.

One of these ways is to put your data onto a physical storage device like a portable hard drive or a flash drive. This is a quick and easy solution and as you’ll more than likely place these in your cupboard once the files are transferred, they can’t themselves be attacked by hackers.

Another increasingly popular way to back up your data is to do so via the Cloud. You can set this up to do it automatically on an iPhone using iCloud and via Google on Android. The main advantage of doing this is that you can access your data no matter where you are, so long as you can connect to the internet and you can’t lose your data through destruction of property, both of which are limitations/risks of the physical storage solution.

5. Be selective with apps

There are literally millions of apps available to download on both Android and iPhone adding a whole range of new functions, services and capabilities to your phone.

While many of them are legitimate and help you get the most out of your phone, there are those that are more vulnerable to cyber security threats than others. These are predominantly apps that are downloaded outside the App Store or Google Play Store that don’t get vetted and scanned for threats by the respective tech giants.

Unfortunately, creating apps that are actually disguised vehicles for distributing malware is an all too common strategy for hackers and for the most part, the risks and repercussions are all too grave.

Even legitimate apps require a certain degree of vigilance with respect to checking the permissions required for use (some might want more than you’re willing to give) and regular updating to make sure security bugs are fixed. All things considered, you can never be too picky when it comes to which apps you choose to install.

6. Don’t trust untrusted networks

As briefly mentioned earlier, if you’re a regular traveler or someone that frequently connects to public WiFi networks, you should be extremely careful how you use your phones when connected.

The risk with public networks is that hackers can interrupt your connection and gain access to the information you are sending out. For this reason, you should be hesitant in fully trusting the integrity of your connection when on these networks and limit exactly what you are doing while connected.

Things to shy away from include online shopping, internet banking and any activity that involves your account details. You might also be wary about logging into things like email and social media accounts and should always make sure you are logged out of personal accounts before connecting to these networks.


7. Docking stations are now also a risk

A more recent risk that has revealed itself is through public USB docking stations/charging ports that you commonly find in cafes, hotels, airports etc. These have, in the past, been greeted with glee by mobile phone users, low on battery and desperate for a recharge.

The threat they pose has now been described as “juice jacking.” This is where hackers manipulate a docking station/charging port and upload malware which then gets passed onto an unsuspecting device that subsequently connects to it.

USB cables have become synonymous with the act of power charging and it’s easy to forget that they also have data wires that can transfer files too. You can get USB attachments that will block the data ports to protect against this threat or you can carry portable chargers or just use your AC adapter when in need.

8. Workplace responsibility essential

While cyber security for one’s personal mobile is an individual responsibility, it is an important corporate responsibility for businesses where mobile phones are used by employees as part of their work. This is not only to protect the personal information of the employee but the company’s data as well.

A good way employers can do this is by using an enterprise mobile device management (MDM) application which can be installed on a company mobile or a personal device (if the employee is using their own for work). An MDM application will add many layers of protection, like strong data encryption and remote access to the device for IT teams should this be required.

Another added benefit is that it’s also a good tool to increase cyber security awareness for employees, as it brings to the fore specific behaviors and actions that should be practiced and avoided.