A personal banker's laptop hard drive was nearly full to capacity. All of the data from the old hard drive was copied by an IT technician to a new hard drive that had twice the storage space. Then, the technician installed the new hard drive in the laptop. After the user verified that all of his information was present on the new drive, the old drive was tossed into the garbage. A few weeks later, many costumers started reporting to the bank that there had been fraudulent charges to their accounts. The bank started seeing a common trend. This seemed to happen to customers that had information on the discarded hard drive. It was investigated and verified that the proper hard drive disposal policy of the bank was not followed and as a result, the drive was retrieved and the information was stolen. The technician that did not follow the policy was also identified.
Who is responsible to the customer, the bank or the technician?
Why is this?
What legal issues can occur from dumpster diving?
How can you prevent dumpster diving?
It is the technicians fault, because the bank had already made the rules and let him know the banks policy for hardware disposal and he did not follow this procedure. There is a policy for all hired technicians in any facility that they have to follow that will show the policies rules for completing certain tasks. In this case he did not use the policy, he took it upon himself to throw valuable information on a hard drive into the trash, and cause a security problem. This would have not happened if he would have followed the policy. He knew what he was doing, but just got lazy, also in the policy for all technicians, we are to erase all data from hard drives and discard then sent to a facility that the bank or organization uses in order to complete the trashing procedure. When this is not followed, there will be problems with any information that is on the hard drive, and with the organization that it came from. The legal issues that can come from dumpster diving are, identity theft, theft of bank assets, issues with them using your name to falsify information and more. These are all legal issues that have to be handled in a Supreme Court. The way to prevent dumpster diving is to make a trash policy that is effective and follow he procedure for shredding paperwork and cards, also melting hard drives, erasing them, or opening them and destroying the cd's that are in them. This will stop all problems that come with dumpster diving. Using techniques like this will stop dumpster divers from getting your information from you or your company and employees.
Created on August 10, 2015 by Lionel Sharpe || Professor Eric Rivers at 3:35 AM
Form (rr15a) Code:3301627005-GA
Form (rr15b) Code:3301627006-NJ
Form (rr15c) Code:3301627007-FL