Identity
Author:
Mark Dixon
Monday, May 17, 2010
1:44 pm
The thought never crossed my mind until my colleague Jack Crail sent me a link to this short CBS News video that outlines little-known security risks lurking in the background – hard drives in digital copier containing thousands of pages of sensitive information.
A companion print article highlighted a short study of four copiers detailed in the video:
The results were stunning: from the sex crimes unit there were detailed domestic violence complaints and a list of wanted sex offenders.
On a second machine from the Buffalo Police Narcotics Unit we found a list of targets in a major drug raid.
The third machine, from a New York construction company, spit out design plans for a building near Ground Zero in Manhattan; 95 pages of pay stubs with names, addresses and social security numbers; and $40,000 in copied checks.
But it wasn’t until hitting "print" on the fourth machine – from Affinity Health Plan, a New York insurance company, that we obtained the most disturbing documents: 300 pages of individual medical records. They included everything from drug prescriptions, to blood test results, to a cancer diagnosis. A potentially serious breach of federal privacy law.
Who knows how much of your personal information is floating out in never-never land on copier hard drives you may not have even known about?
No this isn’t an urban legend. I have been working up a blog post that gives folks a strategy for how to deal with it. I am the deacon of IT at my church and we have had to deal with it head on. For everyone’s benefit, your best friend in this is Darik’s Boot and Nuke. Of course the best thing is to make sure that the drive is not accessible by anyone that shouldn’t be accessing it. You also need to make sure that you pull the drive when ever you have it serviced, sell it or dispose of it.
