Have you ever wondered what exactly happens to the digital image of the document you are copying after all of your copies have been rendered? Most likely not. At least it seems that the average person who is copying those last minute documents doesn’t think about the copy machine after they are finished using it or question the fate of the digital image that the machine makes in order to produce the copies. Most of use just make our copies and assume that the digital version of our document simply gets relegated to the void.
The truth is, however, almost every copier since 2002 contains its own hard drive, and unless someone takes care to wipe that hard drive, the digital replications of the hard documents being scanned simply get stored. This wouldn’t be a worry if all documents being scanned and copied were trivial ones, containing information useless to most people. We all know, however, that copiers are nearly indiscriminately used to copy trivial and sensitive information alike. This means that when someone copies or scans social security numbers, bank statements, medical records, etc., there is a corresponding digital copy being stored on the hard drive of the copy machine.
Armen Keteyian reported in a CBS news article that John Juntunen, owner of the Sacramento-based company Digital Copier Security, took CBS News to a warehouse in New Jersey in order to see how difficult it would be to purchase a used copier loaded with documents, and Keteyian reports that it is actually pretty easy. For about $300 each Juntunen bought four machines, which he would then pull the hard drives from and scan them using forensic software available to anyone for free. Juntunen found everything from police reports, to pay stubs with names, addresses and social security numbers, and $40,000 in copied checks. Warehouses storing these used copiers are a plentiful wellspring for identity thieves.
This is alarming, or at least it should be. Despite Juntunen’s efforts to raise public awareness and concern for the problem, however, his message is mostly falling on deaf ears. One cannot help but wonder why this is, but I will mostly attribute it to the prosaic and mundane nature of the task of copying documents. After all, why would the hapless secretary who is trying to wrap up her final task on a Friday afternoon (which happens to be making a few copies) give a second thought to the security of the document she is copying, when what is really occupying her mind is what pair of shoes she should wear for girls' night out? The bottom line is, despite how mundane the tasks involving copiers might be, the security threat is very real and not as remote as it might seem. So it is highly prudent that individuals and businesses first of all be mindful of what they are about to copy; if the document contains sensitive information, but it is not absolutely compulsory that it be copied, then simply do not copy it. If the document must be copied, however, one should take measures to ensure that the machine they use is secure. Businesses especially can take such measures and regularly wipe the hard drives of their copiers.