We are often contacted when clients need to retrieve data that has become inaccessible through a hard drive crash, accidental deletion or one of a myriad of other scenarios. Where do people go if they absolutely, positively want their data destroyed or their hard drives “erased?”
Flip the coin
When it comes to protecting your most sensitive electronic information, creating a clear data disposal policy is equally important to having a solid data retention plan. Using a proven data erasure software product or hardware tool will go a long way in ensuring critical information does not fall into the wrong hands.
Many organizations have clear document retention policies that specify how long important data, such as financial or customer records, need to be kept. But any of these same organizations do not have clear policies for handling data that no longer needs to be retained or for disposing of old PCs, hard drives, servers and other data storage devices.
Out with the old
Simply “deleting” all of the files stored on a hard drive or other storage device before recycling it does not protect those files from being recovered. Even a novice computer user could run a data recovery software program on the drive and recover many or all of the deleted files.
Physically destroying the drive using a power drill, hammer or other tools certainly reduces the possibility of data recovery, but our engineers could give you many examples of how they have recovered data from drives that were crushed, impaled, cracked and seemingly dead.
Your safest bet for ensuring that sensitive data is no longer accessible is to use a well-proven data erasure software product or a hardware device called a “degausser”.
Not convinced? You might risk your business
Why should organizations take such rigorous steps to ensure that data has been completely removed from a hard drive? While these procedures may seem overly paranoid, consider the risks of not taking such steps.
Theft of sensitive data: Leaving sensitive information on a desktop or laptop hard drive or other storage device that reaches the end of its life cycle puts your organization at risk for data theft. Highly publicized data privacy breaches have damaged the credibility of many businesses and government entities and have often led to litigation.
Poor control of internal data accessibility: Using an erasure product or service on an employee’s computer after he/she leaves a company – and before that computer is given to another employee – helps limit access to sensitive information.
Regulatory compliance violations: Data privacy and retention regulations force organizations to both retain and dispose of certain data and prove that proper procedures are in place to maintain compliance. Data erasure software or hardware will help your organization better meet these regulations.
However you choose to dispose of your old devices, it is always best to make sure an agreed policy is in place that covers all used storage devices (including smartphones and tablets) to help ensure your business’ sensitive data is disposed of in a secure way, thus preventing any potential leaks.