This week, we will take a step back from your digital security and focus on the basics. Many businesses focus solely on the security of their IT devices and services but begin neglecting the fundamentals.
The main focus of this article is dumpster diving, which is exactly what you expect it to be, where individuals will purposefully steal from bins in an attempt to retrieve hard drives, documents, receipts or post. This poses a threat to both individuals and businesses alike, as both entities receive and dispose of a host of information that can be used to commit fraud, identity theft or gather intelligence.
From a personal perspective, identity theft is the most critical risk posed by dumpster diving. Many individuals receive credit offers in the post, information relating to their online accounts, banking and much more which can be combined to produce an identity profile for that individual. Credit offers in particular can be used to fraudulently apply for credit and it can be very difficult to prove your innocence.
From a business perspective, be aware of all data you dispose. Businesses pose a much higher risk as the damage of information being stolen not only affects the company, but also clients.
To mitigate the risk being a victim to dumpster diving, we advise that:
Businesses contract out a company to handle and provide proof of adequate destruction of your paper-based documentation and digital storage media.
For personal mitigation, we recommend investing in a high quality shredder to ensure that you make it as difficult as possible to reconstruct documentation. For added security, shred physical documentation and spread this among a number of bags to make reconstruction an extremely difficult process. Digital storage media should be physically destroyed to prevent operation and reading of the device/data.