Dictionary
min read

Dumpster diving

Dumpster diving refers to searching through trash to find sensitive information

What is dumpster diving?

Dumpster diving refers to searching through physical trash or discarded materials to find sensitive information. Attackers can retrieve passwords, account details, or other confidential data from documents or devices that have not been properly destroyed.

What can you do to avoid dumpster diving?

  • Document destruction: Ensure all sensitive documents are shredded before disposal. This includes papers with personal information, financial data, and confidential business information.

  • Secure waste management: Use lockable waste containers and ensure they are placed in secure locations. This prevents unauthorized access to the waste.

  • Electronic waste: Ensure electronic devices containing sensitive data, such as hard drives and USB drives, are destroyed securely. This can include physical destruction or using specialized data wiping services.

  • Employee training: Train employees in secure waste management and raise awareness about the risks of dumpster diving. This can include guidelines on how to handle and dispose of sensitive documents.

  • Regular audits: Conduct regular audits of waste management processes to ensure security protocols are followed and to identify potential weaknesses.

  • Collaborate with professional services: Consider partnering with professional waste management companies that can provide secure solutions for the destruction of sensitive materials.

Sicra and dumpster diving

Sicra recommends having proper waste management systems in place if your company handles sensitive information. Both USB drives and physical documents should be properly destroyed if they are to be discarded. Collaborating with a company specializing in secure waste management is also advisable.

Sicra’s technicians can assist if you are targeted by an attack due to information hostile actors have found in the trash.

Through our CISO-for-hire service, we can also provide security consulting for those who wish to review their company’s security. This can include discussions on secure waste management or recommendations for companies that can assist in the future.

Services:

Read about our CISO-for-hire service here >

Related terms: Social engineering, CISO-for-hire.

Need Assistance?

We are happy to have a non-binding conversation.
Contact us

Tailored cybersecurity for institutions and enterprises that allows for innovation, growth, and fearless performance.

Get in touchCall us +47 648 08 488