Guest Blog: Permanent data erasure – are concerns about security alarmist?

OLYMPUS DIGITAL CAMERA

Today we’re happy to host a guest post from Dr.DataRecovery at Kroll Ontrack. Computer Aid uses Kroll Ontrack’s Eraser software to data wipe all equipment received in donation from our supporters in the UK. The software holds NATO, US & various European government accreditations – find out more at the official website.

Businesses face multiple challenges when disposing of their end-of-life data and hardware. One reason is the need to meet a range of legal requirements or else face a hefty fine of up to £500,000 from the Information Commissioner’s Office. With this considerable fine in mind, data deletion and destruction should be carefully reviewed and implemented in all companies.

Kroll Ontrack carried out a study on the methods companies use to erase data. The survey of more than 1,500 participants in 12 different countries (North America, Europe and Asia Pacific) revealed that less than half of the respondents regularly and permanently remove sensitive data from their old computers or hard drives. These devices are not safe from a potential data leakage which could have catastrophic consequences. Indeed, according to our survey, data leakage affects businesses once a year and on average cost $6.75 million per loss.

In total, more than 60% of computers discarded by professionals are intact and still contain data from the previous owner when they are placed on the second hand market. Many people are not aware that when you delete files on a hard drive, it simply indicates that the disk may overwrite these files, which may never happen. Also a reformatted disk deletes entries in the index or table of contents that link to the data, but not the data itself. You should also know that when you physically destroy a disk, this does not guarantee data protection. Indeed, Kroll Ontrack recovers data from badly damaged hard drives, such as those of the Space Shuttle Columbia which was destroyed during its re-entry into Earth’s atmosphere.

Secure data erasure software that rewrites the entire hard disk or a degausser that, using a powerful magnetic field, removes the data by making the media unusable are the two safest methods to ensure that sensitive data is actually deleted and not vulnerable if it falls into the wrong hands. In addition to enabling companies to comply with the Data Protection Act and the rules concerning confidentiality, secure data erasure should be part of all security strategies of companies.

Additionally, reliable and secure erasure solutions should provide you with erasure reports which can be critical for legal compliance audits because in addition to advising on what has been deleted, they identify the serial number, make and model of the hard drive removed, the date and time of disappearance and list the amount of information that has been deleted.

If your company’s data is compromised during any step of the asset disposal process, even after it has left the organisation, you may still be responsible for breaching the Data Protection Act and therefore liable to fines, so it is important to manage the full process correctly.

Kroll Ontrack provides data erasure software as well as hardware erasure to erase data to the highest CESG, NATO and other respected industry standards. For more information, visit our website or contact us at +44 (0)20 3627 6542.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s