Many companies attempt to mandate an employee’s operating system choice. Workers who operate on location are usually given a computer with a preinstalled OS and programs. Apart from cost and convenience, there is a major security reason for this policy.
Imagine a real estate firm that discovers a potentially serious cybersecurity flaw in their network. All employee computers are immediately upgraded and the threat is purged – or so the executives think. One employee has been using a supplemental device that operates on a different OS and (partly) outside the corporate network.
This device received no upgrade and, as a result, still carries the flaw in its software. A company that thought it was secure is still exposed. Worse, if a cyber attack does occur, the IT staff in charge will be temporarily paralyzed in response. They won’t know the source of the breach that they need to seal. They may waste valuable time checking and rechecking a secure network.
Cybercrime is the future of corporate crime. Companies need to be aware of the differences between OSs so that they can decide which to support. Each software system has its own traits and various data preservation methods. Companies must know how to properly sanitize data used by each system.
By far the most prevalent OS in the corporate world, Windows is commonly found on desktops, laptops and tablets. Parent company Microsoft provides continuous updates and occasional new products in its OS software offering. Windows software is typically hardware agnostic, meaning that it works on a variety of third-party technology. Given that this tech could be a cutting edge Dell or a decade-old Vostro, employers should be prepared to utilize more than one data sanitization solution.
A great deal of third-party software works with Windows. Microsoft also provides its own in-house solution, called Cipher. Cipher is a data encryption tool that also allows users to overwrite data files larger than one kilobyte. Cipher was introduced back in 2003 but still works on modern Windows operating systems, including Windows 10.
Windows has been a primary OS for several decades. As such, Windows devices run the gamut from old to new. This means that hardware supporting Windows runs off a mix of hard drives and solid state drives. Hard drives operate on magnetic fields, and these can be permanently corrupted by a data degausser. SSDs and other flash media do not operate with magnetism, so their hardware needs to be destroyed or shredded.
Microsoft provides recycling options for users without highly confidential material on their devices. However, the company recommended taking more extreme action when sensitive data was involved. All Windows-supporting hardware can be either shredded or destroyed with the right equipment.
Typically used on PCs and servers, Linux refers to all OS software designed around an open-source computer program called the Linux kernel. Unlike other software OSs in this article, there is no major company controlling Linux. Its system is typically less user-friendly but offers more control. As such, it is used primarily by IT specialists and users with higher than average computer knowledge.
Linux provides several tools for overwriting data. TechRepublic recommended installing the Puppy Linux distribution, which provides streamlined data deletion tools to the user. Linux software allows the user to take various actions like replacing all deleted data with binary 0s or deleting and rewriting the data 100 times in one action. Since Linux is such an open platform, new solutions and updates regarding data overwriting are continuously rolling out.
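As an added example (not from the original article or from any tool it names), the shell script below performs the two overwrite styles just described, repeated rewrites and a final pass of binary 0s, and then verifies the result. The function names and the sample record are constructed for illustration, and the script assumes storage that rewrites blocks in place.

```shell
#!/bin/sh
# Added example: in-place file overwrite with verification, on a constructed
# scratch file. Assumes storage that rewrites blocks in place; flash wear
# leveling and copy-on-write filesystems can keep old copies out of reach.

# Size of FILE in bytes.
file_size() { wc -c < "$1" | tr -d ' '; }

# One pass: write exactly size-of-FILE bytes from SRC over FILE, no truncation.
overwrite_pass() {   # overwrite_pass FILE SRC
    head -c "$(file_size "$1")" "$2" | dd of="$1" conv=notrunc 2>/dev/null && sync
}

# N random passes, then a final pass of binary 0s.
overwrite_file() {   # overwrite_file FILE N
    i=0
    while [ "$i" -lt "$2" ]; do
        overwrite_pass "$1" /dev/urandom || return 1
        i=$((i + 1))
    done
    overwrite_pass "$1" /dev/zero
}

# True when FILE contains nothing but 0x00 bytes.
is_all_zero() { [ "$(tr -d '\000' < "$1" | wc -c | tr -d ' ')" -eq 0 ]; }

# End-to-end check on a constructed sample record.
sanitize_demo() {
    f=$(mktemp) || return 1
    printf 'CONSTRUCTED-SAMPLE client=Jane Doe account=0000\n' > "$f"
    before=$(file_size "$f")
    grep -q 'CONSTRUCTED-SAMPLE' "$f" || { rm -f "$f"; return 1; }
    overwrite_file "$f" 3 || { rm -f "$f"; return 1; }
    rc=0
    grep -q 'CONSTRUCTED-SAMPLE' "$f" && rc=1       # old bytes must be gone
    [ "$(file_size "$f")" -eq "$before" ] || rc=1    # same size: every byte covered
    is_all_zero "$f" || rc=1                         # last pass left only zeros
    rm -f "$f"
    return "$rc"
}

sanitize_demo && echo "overwrite verified"
```

The 100 rewrites mentioned above would be `overwrite_file FILE 100`; the verification step matters more than the pass count, because it is what confirms the original bytes are no longer readable from the file.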
As with Windows-compatible hardware, Linux operates on machines with either hard drives or SSDs. In this regard, the operating system makes no difference. Hard drives should still be degaussed to be permanently unreadable, and SSDs should be either shredded or destroyed.
Since Linux is not owned by a major company, it does not provide anything like Microsoft’s recycling centers for devices without classified data. Companies seeking to destroy Linux-based data storage or flash media should simply use the best products available, preferably those with certification from the NSA.
Macs, iPhones and other products from Apple are known for having closed OSs. Unlike Windows and Linux, OS X is typically only found on Apple-manufactured devices. Apple’s closed approach and careful design are in part what makes Macs secure, but these features also mean that not all software will run on the device.
Like Windows, Apple attempts to provide an in-house solution to data overwriting. According to Surveillance Self-Defense, older versions of OS X had an option to Secure Empty Trash from the OS’s trash bin. However, this option (like much data rewriting software) encountered problems with completely removing data from SSDs.
Apple has removed the tool for now, although it is still possible for OS X users with hard drives to use it with some extra work. It is worth noting that there are third-party options for data overwriting as well, albeit fewer than for Windows or Linux.
Apple has been moving away from the hard drive in recent years, opting instead to choose an SSD or flash media. As such, users with modern Macs should not expect degaussing to be an option. This is a potential cybersecurity risk as degaussing is currently the most secure method to remove data.
That said, Apple does make use of “fusion drives” or drives that are a mix of hard drive and SSD technology. The hard drive portion of this hardware can be degaussed.
Apple offers its own recycling program for certain devices. While useful, this program – along with Microsoft’s or other companies’ – should not be used for devices containing highly classified information. No matter how stellar a reputation, there is always more risk in keeping confidential data intact and sending it off site than in destroying it in-house.
All Apple hardware can be shredded, destroyed or both.
The days of people having only one computer are over and the vast majority of workers carry smartphones. Developed by Google, the Android OS is based off the Linux kernel. Android devices are primarily smartphones and tablets – devices that can be and frequently are used for a mix of business and personal tasks.
Since it is based off Linux, Android-enabled hardware is open to many third-party data overwriting programs. Android Central recommended using Android’s hard reset feature to permanently remove all data from the phone. While this process is thorough, it is not perfect. Android users should take further precautions when decommissioning Android devices that carry sensitive data.
Sadly, degaussing is not possible on Android since none of the recent models use hard drives. Smartphones today primarily use a mix of SSD and flash media technology to store files.
Going forward, corporations must learn to see smartphones as computers. Android devices, especially those with corporate secrets, should be shredded and destroyed – not given to one of the many phone recycling programs in existence.
While all the major software platforms follow similar rules, some come with hardware caveats that complicate the data destruction process. Companies should mandate a universal platform policy to stop clients from mixing and matching OSs. This will limit the challenges to cybersecurity.