Australian Digital Forensics Conference

Document Type

Conference Proceeding

Publisher

SRI Security Research Institute, Edith Cowan University, Perth, Western Australia

Abstract

The growth in the use of computers in all aspects of our lives has continued to increase to the point where desktop, laptop, netbook or tablet computers are now almost essential in the way that we communicate and work. As a result of this, and the fact that these devices have a limited lifespan, enormous numbers of computers are being disposed of at the end of their useful life by individuals or/and organisations. As the cost of computing has reduced, the level of ‘consumerisation’ has increased together with the requirement for mobility. This has led to an increasing use of these devices both in the work environment and for personal data, which has resulted in computers containing high levels of both personal and corporate data. Computers have a relatively short life and are replaced on a regular basis. If not properly cleansed of data when they are released into the public domain they may contain data that is sensitive to the organisation or the individual and which may be relatively up to date. This problem is further exacerbated by the increasing popularity and use of smart phones, which may also contain significant storage capacity. This research describes the first survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). Similar studies have been carried over the last six years in the United Kingdom, Australia, USA, Germany and France. This research was undertaken to gain insight into the volumes of data found on disks purchased in the UAE compared to other regions of the world and to gain an understanding of the relative level of the problem of residual data in the UAE. The study was carried out by Khalifa University of Science, Technology and Research and was sponsored by Verizon Ltd, a security management and consultancy company.The core methodology of the research that was adopted for the study was the same as has been used for the other studies referred to above. The methodology included the acquisition of a number of second hand computer disks from a range of sources and then analysing them to determine whether any data could be recovered from the disk and if so, whether the data that it contained could be used to determine the previous owner or user. If information was found on the disks and the previous user or owner could be identified, the research examined whether it was of a sensitive nature or in a sufficient volume to represent a risk.

Comments

Originally published in the Proceedings of the 10th Australian Digital Forensics Conference, Novotel Langley Hotel, Perth, Western Australia, 3rd-5th December, 2012

Share

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b3b239fb863