Is Data Erasure Really Secure?
- Apr 8, 2021
- 3 min read
Let me paint you a scenario. You managed to get hold of some pretty damning evidence against someone and saved it in a thumb drive or your mobile or laptop device, only to have it be physically stamped on or destroyed to get rid of that piece of evidence.
Sounds familiar? Well, I am pretty sure you have seen this scene in movies or shows before! It’s a common sight really – for something to be physically destroyed in order to “get rid” of the data inside it.
But here’s the reality. Did you know that although physically destroying most traditional drives will render the data irrecoverable, destroying newer technologies, such as Solid State Drives (SSDs), has been found to leave data on drive fragments, creating the possibility of a data breach while rendering the drive unusable? Insane isn’t it?
Let me bring this back into a business context.
What this means is that for any business who wants to dispose of any sensitive data records, physical destruction alone is not the most safe and secure option!
In fact, secure, certified data erasure has become a more popular choice for organizations to add an additional layer of security to a physical destruction project. It can also be used as the sole means of removing data from drives, mobile phones, removable media and more!
Hence, when it comes to the safeguarding of sensitive information, organizations can’t afford to cut corners!
Limitations of Physical Destruction
Here’s the thing: Like I mentioned above, SSDs and other IT assets can be physically destroyed with brute force, but because of the increasingly dense way data is stored, intact chips and the data they contain can remain on shards of shredded hardware! This vulnerability, plus drive replacement expenses, can be costly to business.
And other than a possible data breach, this is also costly to the environment. As the “green” movement gains momentum and global technology needs skyrocket, there’s concern over the rapid consumption of natural resources for new devices, as well as the vast number of used devices (e-waste) going into landfills.
So how exactly does Data Erasure work and how Secure is it?
Software-based data erasure overwrites data on any storage device, replacing the original data with zeros and ones. All sectors of the device are completely overwritten, with the option to perform multiple overwrites where regulations dictate.
Once this process is complete, the data on the device is completely unrecoverable by any forensic means, permitting reuse of the device if desired, and thus achieving complete data sanitization as defined by the International Data Sanitization Consortium and Gartner. In fact, a range of modern-day standards of data governance compliance now include data erasure as a preferred method of data sanitization. What’s more, respected data sanitization standards and industry leaders have validated data erasure as a secure data protection option at end-of-life, used either alone or in conjunction with physical destruction for highly confidential data.
Physical Destruction, Data Erasure, or both?
In reality, many companies use software-based data erasure to add an additional layer of security to their IT asset disposition process. When assets reach end-of-life, they can be fully sanitized with data erasure before performing physical destruction, meaning no residual data can be recovered from fragments after the fact. This added security allows organizations to go about their business in the comforting knowledge that they are safeguarded against unauthorized data access when decommissioning assets.
And it’s not just IT assets at end-of-life that reap the benefits of software-based data erasure. Businesses can also erase data within active environments—securely and certifiably—with no downtime. Compliance is key in any business that stores personally identifiable information. Many regulations, including GDPR and HIPAA, stipulate that businesses must dispose of data in active environments once it has passed its retention date
Want to find out more about Data Erasure for your business and how we can help you with it? Click the green button below to chat with us today!
eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.
Comments