Whether you’re an individual buying from an external source, or you’re a business that bulk-buys and moves laptops between staff, it’s a great way to save money. But they come with their own cyber security risks that should be condisered before purchase.
Here’s my second-hand laptop buyers’ advice.
Also see: Top tips to secure Office 365
What are the security risks?
Regardless of whether it’s for personal or company use, the main cyber security risks of second-hand laptops remain the same. These can include viruses or malware, malicious software and illegal files. These could all be present without the previous owner ever being aware of it, and could still be present after a basic pre-sale clean-up. In addition, if you buy from an unreliable source, other cyber threats such as cryptominers, keyloggers, and spy software can greatly compromise your personal and business security.
Another factor to consider when assessing the risk of a second-hand device is its age and make. This is because older devices may no longer be supported by its manufacturer. This means that, even if the device is safe at the time of buying, a lack of security updates may leave it vulnerable in the long run. Different systems also have differing instructions on how to effectively clean second-hand devices.
How do you minimise second-hand laptop dangers?
Thankfully, there are several solutions to the issues mentioned above that should limit the cyber security risk to you and your business, ensuring your second-hand laptop is safe to use. The most common advice is as follows:
Ensure it is fit for purpose: ask questions about the supplier and their pre-sale clean-up process, and check if the device still receives security updates.
Wipe or replace the hard drive before use: this ensures no personal data or malicious software is carried over. Pre-made company images are often installed in businesses as this stage.
Visit the manufacturer’s site: by doing this you can flash the BIOS and download the most recent update.
Protect it as you would a new device: install anti-virus software and ensure you or your employees use the device safely.
For more information, you can read the NCSC Guidance Here.