Cyber-Ark has confirmed that sensitive data stored on redundant computer hard drives is a major problem.


In a report due to be published in the International Journal of Liability and Scientific Enquiry (IJLSE), Cyber-Ark's European director Calum Macleod claimed that data being stored on redundant drives represents a significant level of risk for commercial sabotage, identity theft, and even political compromise.


Macleod said: “The assertion is quite correct and, whilst the report says that companies must electronically shred that data on the drives before selling, passing them, or arranging their disposal, there is still a considerable need for education in the industry about this issue.


“That education is going to take time, so, in the interim, we would encourage the industry to attack the root cause of the problem and never store sensitive data on the drives in the first place.


“Educating an industry used to computers and their ease of access is going to take time, and that time will mean hundreds, if not thousands, of data loss incidents. Far better to adopt a solid corporate governance approach to data security and so prevent data losses from taking place in the first place.”


He recommended that companies operate a policy of vaulting sensitive data in a centralised, but easily accessible, location to be sure that data is safe.