Two Reliable Methods To A Secure Data Destruction

Traditionally, data was not portable and it required huge efforts to migrate large datasets to another environment. Cloud data migration was also extremely difficult, in the early days of cloud computing. New technical methods are developing to make migration easier, and thus make data more portable.

There are many mobile data security tools, designed to protect mobile devices and data by identifying threats, creating backups, and preventing threats on the endpoint from reaching the corporate network. IT staff use mobile data security software to enable secure mobile access to networks and systems.

DOWNLOAD

Data protection and privacy is a broad topic. A successful data protection procedure can prevent data loss, or corruption and reduce damage caused in the event of a breach. Data privacy methods ensure that sensitive data is accessible only to approved parties.

The cloud-based subscription of Office 365 enables employees to work anywhere, anytime without the need to host their own content and emails. However, these files are not always protected from failure, disaster, or attack. Organizations can achieve this by backing up data in secure and reliable storage, on-prem or in the cloud.

Answer:

Yes. Regular email is not a secure method for sending sensitive data. The better practice is to encrypt any transmission that contains information that could be used by fraudsters or identity thieves.

Watch a video, How to File a Complaint, at ftc.gov/video to learn more. The FTC enters consumer complaints into the Consumer Sentinel Network, a secure online database and investigative tool used by hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

The demand for safe and secure data destruction methods is rapidly rising. And more specifically so, for companies in the retail and financial industry. This is because they handle a lot of sensitive information.

You can physically destroy the electronic device that has stored all your data when it is no longer usable. Physical destruction needs to be done in a safe environment and in the proper way. The best form of physical destruction is shredding.

This renders the electronic device unusable. And leaves the data protected from outside parties. Physical destruction is a convenient way of getting rid of data and electronic devices that are no longer needed.

Physical destruction can also be used when the two above methods are not viable options. And also when you want total assurance that the data has been completely destroyed. Besides, physical destruction can be done by melting electronic devices.

Today, hard drive and other media devices are less common than they were some years ago, because the current trend is to use the cloud, although there are still a lot of people using pen drives, external hard drives, etc. And, of course, all the information in the cloud is ultimately stored on a server, i.e., its hard disk, which is also a media device. Therefore, secure media disposal is very important to make sure sensitive data do not leak.

Use of non-retrievable methods: Physical destruction (e.g., by grinding or shredding) or overwriting techniques, with specific or generic patterns, should be used to perform disposal of highly sensitive information.

To consistently dispose of data securely, you need the right policies in place. These policies will educate your employees on the best data disposal methods and help you cultivate a compliance culture in your organization. Your data disposal policies must reflect your organization's core values for accountability. Create, maintain, and enforce a policy that delegates and outlines best practices for the disposal and destruction work. The policy should indicate what to do with media devices you no longer need and describe conditions for updating your asset inventory lists. If you are not equipped to establish and enforce data disposition rules, partner with a third party that specializes in data disposal and provides proof that the data has been completely disposed of or destroyed.

A data destruction service can ensure that all data in your media storage is completely erased. A high-security media destroyer is used for storage devices such as hard drives and SSDs, rendering the data unrecoverable. To prevent data breaches, make sure to evaluate the provider's background before hiring them, and ask for verification that the data was 100 percent destroyed after the job is complete. Make sure the service provider is NAID AAA certified; this organization helps verify secure data deconstruction providers and ensure their services comply with known data protection laws. Before handing over your IT equipment or data, you should also ask the vendor to sign a confidentiality agreement. These steps will help protect your reputation as you trust your company's data with a third party.

Secure data disposal is vital for any organization with data or IT equipment that's no longer useful. To be secure, the process must comply with industry-established standards. A data leak could result in identity theft, financial fraud, or loss of customer trust. LinkSource provides certified, state-of-the-art asset and e-waste management services for a wide range of clients. To learn more about what we do and find tips for optimizing your IT environment, subscribe to our blog!

When it comes to selecting ways to destroy data, organizations have a short menu. There are basically three options: overwriting, which is covering up old data with information; degaussing, which erases the magnetic field of the storage media; and physical destruction, which employs techniques such as disk shredding. Each of these techniques has benefits and drawbacks, experts say.

The data destruction market hasn't changed much in the past few years, says Ben Rothke, an information security professional with extensive experience in data destruction. "If there is any trend, it is that more firms are aware of the importance of data destruction," Rothke says.

Still, some organizations, particularly smaller ones, need more education about data destruction, according to Jay Heiser, an analyst at research firm Gartner."We consider this a very important topic, but it is not one that Gartner clients spend a lot of time asking us about," Heiser says.

While a traditionally outsourced data center provider will typically commit to destroying data at the end of a contract and confirm this destruction in writing, that type of policy is rare to nonexistent for SaaS, Heiser says.

Cloud services will likely increasingly shape how data destruction is perceived and performed in the coming years, says Ariel Silverstone, vice president and CISO at online travel services provider Expedia.

"With the massive herd heading toward cloud, most vestigial physical destruction remnants are being killed off," Silverstone says. "In other words, logical destruction, for all but truly classified data, is further entrenched as the norm. The problem is not destruction as much as it is discovery of the data. How do we find the data that we need to destroy?"

There's also the issue of securing media during the process of degaussing. "If there are strict requirements that prevent exit of failed and decommissioned media from the data center, then the organization must assign physical space in the data center to secure the media and equipment for the disk eradication" process, Tero says.

One of the biggest advantages of this method is that it provides the highest assurance of absolute destruction of the data. There's no likelihood that someone will be able to reconstruct or recover the data from a disk or drive that's been physically destroyed.

The company ended up stockpiling thousands of old drives while pondering how to destroy them in a way that was not prohibitively expensive but that still resulted in the complete destruction of the data. Intel had been working with scrap contractors that melt down and reclaim precious metals, and someone came up with idea of having them melt down the hard drives and recycle the metal.

However, Harkins points out that the effectiveness of physical destruction methods depends on how much of the medium was actually destroyed. "I might still worry about drilling holes in a hard drive," which might render the drive unusable but not destroy the data that's left in unaffected spaces, he says.

In this final stage of the lifecycle, data is purged from the records and destroyed securely. Businesses will delete data that they no longer need to create more storage space for active data. During this phase, data is removed from archives when it exceeds the required retention period or no longer serves a meaningful purpose to the organization.

Degaussing is a form of overwriting secure data and erasing it without having to worry about that information falling into the wrong hands. In some cases, someone might choose to physically destroy a hard drive. On the other end, degaussing doesn't physically destroy the hard drive, but demagnetizes or neutralizes the magnetic field used for data storage. The data storage can be any form of magnetic media such as hard drives, floppy disks, etc.

If a key is no longer in use or if it has somehow been compromised, an administrator can choose to delete the key entirely from the key storage database of the encryption key manager. The key manager will remove it and all its instances, or just certain instances, completely and make the recovery of that key impossible (other than through a restore from a backup image). This should be available as an option if sensitive data is compromised in its encrypted state. If the key is deleted, the compromised data will be completely secure and unrecoverable since it would be impossible to recreate the encryption key for that data.

The data destruction process utilizes various data destruction methods (e.g. degaussing, shredding and data wiping) to completely erase the data on all electronic devices including tapes, smartphones, tablets, hard drives, etc. so that it cannot fall into the wrong hands.

38c6e68cf9

Page updated

Google Sites

Report abuse