Nearly one-third of British business PCs still have sensitive data on them when they are discarded, according to research commissioned by Lenovo.
Many companies simply erase data or format the disk on the PC, which leaves information easy to access, the computer maker said on Thursday, reporting on its survey of 300 UK businesses.
Awareness of the environmental impact of disposal of electronic equipment has been boosted by the EU's Waste Electrical and Electronic Equipment (WEEE) directive, which came into force in the UK this week. The "green" directive is meant to keep old hardware out of landfills. But the data-security risk is greater if PCs are kept going rather than destroyed, and this danger may be exacerbated by moves encouraging the recycling of technology.
Vista Upgrade Blog
Grappling with the OS
How is the switch to Vista affecting your workplace? Take a look at our new group blog and share your pain and praise.
There are measures companies can take. Wiping the disk or rewriting random bits over the existing data multiple times makes it impossible to retrieve the original information, according to experts, although it is worth making sure that any wiping method meets the standard Gutmann specifications.
Lenovo provides a free Secure Data Disposal tool for download on its site that can be used to wipe data on PCs before getting rid of them or passing them to different users in a company.
"It is essential for organisations to consider secure data disposal when refreshing end-of-life computers in order to avoid becoming susceptible to potentially immeasurable business risk," Chris Wells, Lenovo's vice president for UK and Ireland, said in a statement.
Talkback
We're finding more and more that Companies are choosing to implement cost savings and one of these is the avoidance of any additional charges associated with the disposal of waste. This applies very much to the recycling of old computer hardware. There's a large proportion of businesses that remove their hard drives before we take away the equipment and a proportion who don't want to have to pay for the reporting process- hence don't get to know if we've removed their data or not.
The issues may end up compoundng themselves when there's a breach of the Data Protection Act but I think that we need to look at this pragmatically. Half of the majore recycling companies out there are looking to make money from waste and not resale of computers. The big recyclers are geared up for processing and not refurbishment
This post has been removed by a moderator.