This is a true story about 3 managers working for a global company with UK offices nationwide, headquartered in London.
There were 3 managers. The compliance manager, the IT manager and the information security manager working for a global company headquartered in London. They all had their respective jobs with daily tasks performed to the best of their ability.
The IT manager was responsible for ensuring the equipment was integrated into the company and systems delivered. He had made an exceptionally tight network and data security was of paramount importance.
The information security manager had looked at the flow of information across the systems and made sure he had ticked all boxes that he possibly could to ensure that there would be no data breach. Data security was of paramount importance.
Then there was the compliance manager who had ensured that all due diligence had been adhered to. Corporate social responsibility was of paramount importance.
The 3 managers, through the company spent a fortune on ensuring that when integrating these systems and hardware into the company they ensured data security was of paramount importance.
Then came time to refresh and recycle the IT equipment.
Someone from a IT recycling company called and said they will pick the equipment up for them. Bearing in mind these units held accounting information, new company ideas for the forthcoming year, minutes of meetings, personal details, employee whereabouts company turnover, manager salaries and huge resources of information.
As you might expect the van came collected the equipment and they were presented with the certificate within 5 days to say they were WEEE compliant.
Then shortly after, thousands of miles away a group of young documentary making company were out in the sunny beaches of Lagos. Sent out their by their wish of seeing vast electronics markets with thriving wall street culture only watered down by the lack of wealth.
As they trudge to Abuja market in Lagos, they see thousands upon thousands of hardware units stacked in the street. Some are separated from their hard drives and just the carcass is being smelted for the precious metals inside at the expense of the health of the people doing it.
The hard drives had gone on a journey themselves to a sorting factory where they were auctioned to Russian cybercriminals for their data. This data was used in a variety of ways one of which was a story regarding the Managing Director leaked from an email. Company profits were used as blackmail for a payment in return for the data. For a while the company was put on standstill and some data sensitive items were used as bargaining tools.
As a result the 3 manager were eaten alive at the board meeting and serious questions were asked about the previously impeccable corporate torchbearers to the point where one of these was relieved of his position.
This was unfortunate for the 3 as they simply hadn’t worked together to ensure that a secure policy was put in place.
This can be avoided by using ADISA accredited companies.
For more no obligation conversation on how your company can achieve compliance, reporting and data security contact 0845 474 5679 or email firstname.lastname@example.org
Working with companies throughout the UK & further to discuss openly and without obligation.