ALM a key element of data security

Issue 8 2022 Infrastructure

The average cost of a data breach is now nearly R50 million, and breach costs have increased by nearly 20% over the last two years. Recent high-profile breaches and ransomware attacks are a stark reminder to C-suite leaders of how vulnerable their businesses are. Even those with undoubtedly robust security defences can be breached.


Takalane Khashane.

Information security has never been more important. With a growing onus on business owners to protect their data, and increasing data privacy legislation around the world imposing significant fines, the financial and reputational costs of a lax approach run deep. But while cybersecurity is top of mind for the C-suite, many organisations still have a big gap in their security posture – how they manage their physical IT assets throughout every stage of their lifecycle. Good asset lifecycle management (ALM) is foundational to effective data security because even the best cybersecurity system can be futile if you do not integrate, maintain, and most importantly, decommission or dispose of your hardware and devices securely.

Best practice for keeping an eye on your assets

Minimising your exposure to risks and liabilities requires visibility and control over all your assets, both virtual and physical. With the boom in remote working adding to the challenge of keeping track of the devices going in and out of your organisation, it is more critical than ever to follow IT asset management best practices.

Ongoing surveillance, maintenance and risk mitigation of all assets are essential. To begin with, you should have an asset register that documents every piece of hardware introduced into your organisation, its purpose and who is responsible for it. The register should also monitor the equipment’s performance, health and protection, making sure that security applications are working and up to date.

All physical assets should be password protected, preferably with a forced password change policy in place, and when the software on a device is no longer supported by the manufacturer, the device should be upgraded. Using a patch management programme that regularly scans for any security flaws across all assets and any updates necessary for maintaining regulatory compliance is key.

Perhaps the most crucial part is the end-of-life stage. There are criminals who salvage old hard drives from landfills or purchase recycled IT equipment, with the intention of recovering data from them for their own illicit gains. For this reason, it is vital to implement an asset disposition process that tracks the chain of custody and ensures that data is effectively wiped from disused assets – this should be the very first step in the retirement of any asset, yet it is not as straightforward as many people think.

What secure ITAD looks like

IT Asset Disposition (ITAD) should follow a well-defined protocol of a trusted chain of custody, comprehensive data erasure and dismantling into components for repurposing or recycling, or otherwise complete physical destruction. Though it is a common misconception that erasing data is as simple as deleting files or reformatting a drive, in truth, such methods do not guarantee the full deletion of data at all. Specialised data scrubbing software must be used and when destruction is required, the asset must be physically destroyed to the point that it is impossible to recover any data from it.

Third-party contractors can be employed for the disposal process. However, you need to ensure that they demonstrate the use of data wiping software certified to the NIST 800-88 standard, can provide auditing reports that verify complete data erasure, and can provide proof of adequate physical destruction or dismantling of the asset. Non-compliant data erasure methods will leave the asset vulnerable to data recovery that is easily achieved with special software.

Furthermore, third-party handlers should offer a secure and fully visible chain of custody from the moment they take possession of the asset, through to when the destruction of the item is complete. Ideally, this will involve real-time asset tracking in which the asset is scanned and logged onto a system at every stage of its journey until disposal is recorded. Once the asset is destroyed, you should expect to receive a Certificate of Erasure and a Certificate of Destruction for each asset. Following this process reduces the risk of equipment going missing and provides peace of mind that the asset has been disposed of properly, in line with the stringent standards that govern the quality and ethics of recycling, such as e-Stewards and R2.
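The chain-of-custody check described above can be automated by reconciling the asset register against the handler's scan log and the certificates received. The following is an added example, not part of the original article; the stage names, asset IDs, timestamps and data layout are constructed assumptions.

```python
from datetime import datetime

# Assumed custody stages, in the order a handler should scan them (hypothetical names).
STAGES = ["collected", "in_transit", "received", "erased", "destroyed"]
REQUIRED_CERTS = {"erasure", "destruction"}

# Constructed sample data: register of retired assets, scan log, certificates received.
REGISTER = {"LT-0041": "laptop", "SRV-0007": "server", "LT-0102": "laptop"}
SCANS = [
    ("LT-0041", "collected", "2022-11-01T09:00"),
    ("LT-0041", "in_transit", "2022-11-01T10:30"),
    ("LT-0041", "received", "2022-11-01T14:00"),
    ("LT-0041", "erased", "2022-11-02T08:15"),
    ("LT-0041", "destroyed", "2022-11-03T11:00"),
    ("SRV-0007", "collected", "2022-11-01T09:05"),
    ("SRV-0007", "received", "2022-11-01T14:10"),   # no in_transit scan
    ("SRV-0007", "destroyed", "2022-11-02T09:00"),  # logged before erasure
    ("SRV-0007", "erased", "2022-11-02T16:00"),
    ("HD-9999", "collected", "2022-11-01T09:10"),   # not in the register
]
CERTS = {"LT-0041": {"erasure", "destruction"}, "SRV-0007": {"destruction"}}

def audit(register, scans, certs):
    """Return {asset_id: [findings]} for every asset with a custody gap."""
    seen = {}
    for asset, stage, ts in scans:
        seen.setdefault(asset, {})[stage] = datetime.fromisoformat(ts)
    findings = {}
    for asset in sorted(set(register) | set(seen)):
        issues = []
        if asset not in register:
            issues.append("scanned but not in asset register")
        stages = seen.get(asset, {})
        issues += [f"no '{s}' scan" for s in STAGES if s not in stages]
        # Stages that were scanned must carry timestamps in stage order.
        present = [s for s in STAGES if s in stages]
        for a, b in zip(present, present[1:]):
            if stages[b] < stages[a]:
                issues.append(f"'{b}' logged before '{a}'")
        for c in sorted(REQUIRED_CERTS - certs.get(asset, set())):
            issues.append(f"missing certificate of {c}")
        if issues:
            findings[asset] = issues
    return findings

if __name__ == "__main__":
    for asset, issues in audit(REGISTER, SCANS, CERTS).items():
        print(asset, "->", "; ".join(issues))
```

An asset that appears in the register with no scans at all (LT-0102 here) is the case the article warns about: equipment that has left service without entering a tracked disposal process.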

Cybersecurity is the chief concern in many boardrooms today, but vigilant management of physical assets must never be overlooked. The most advanced cybersecurity system in the world will not be enough to protect your data if a piece of hardware containing sensitive information finds its way into the wrong hands.

ALM is core to any data security framework in the digital age and it is an element that no business can afford to be careless with. Indeed, failing to act can have very real consequences. It can leave an organisation vulnerable to enormous losses, not only from bad actors looking to exploit sensitive information, but also from the heavy fines levied by data protection legislators and the reputational damage caused by failing to prevent an avoidable breach.








© Technews Publishing (Pty) Ltd. | All Rights Reserved.