"How do you as a Virtual Data provider destroy your documents? What should I do to destroy our data?" A very good client asked us this question the other day.
We will focus on the second question today and will soon give you more in depth insights in a future post.
The first thing that everyone needs to understand is that "DELETE" is not enough.
Keeping your confidential and proprietary data secure takes more than just preventing leaks and hacking. When you implement a basic document security policy, you need to also make provision for the safe destruction of documents once you’re done with them. Standard deletion protocol is to grab and drop the file in the trash can or recycle bin. That doesn’t work for files stored in your computers, because the file that’s deleted isn’t the actual data. It’s merely a pointer to the file, and deletion doesn’t necessarily accomplish removing the data.
Here are some tips on how to remove your data safely and effectively so no traces can be found by malicious parties:
Tip #1: Don’t Rely on Operating Systems
Operating systems delete files in the following way:
- The system reads the data from the file record in the Master File Table (MFT)
- It locates the directory entry where the file is stored
- It removes the file entry from the index
- It marks the clusters where it found the file as “unallocated space”
The actual data remains on the hard drive intact in its original form, and only the information that enables the user to find it has been changed.
Tip #2: Reformatting the Hard Disk Doesn’t Work
Its a common misconception that reformatting a computer’s hard drive wipes out all data. It doesn’t. Just like the other two methods above, this just changes the information users can actually see. Think of it as tearing out the contents page from a text book but leaving the book intact; the list of pages might be gone, but that doesn’t mean the book is empty—or the data secure!
Tip #3: Forget “Read Only” Devices
When CD-Rom was first invented, it was hailed as the answer to data security because once written, the disk could not be changed. What began as a strength has turned into a major threat, however, because the same protocols that prevent a CD-Rom from being overwritten prevents it from being deleted. And once the disk is useless it’s often discarded on a desk or in a drawer without a further thought, to offer unparalleled convenience and opportunity for would-be spies.
Tip #4: Shred All Paper
In the past, hard copies were shredded and sometimes re-shredded before disposal to ensure they were inaccessible for espionage purposes. Don’t use just any shredder, though; a secure shredding service is your best bet to prevent dumpster diving. Even if actual data isn’t obtained this way, policy manuals and procedures can give attackers enough information to successfully impersonate someone who has access to the really good stuff.
Tip #5: Electronic Media Wipe
- An effective method of getting rid of all electronically-held information, this process works by writing a series of 1s and 0s over the disk to remove the existing data securely. Some of the utilities available to do this are:
- BC Wipe
- CC Cleaner
- Sourceforge Project Eraser
These are all secure data removal tools that completely eliminate data from hard drives by overwriting a number of times with selected patterns of code.
Tip #5: Degaussing
Degaussing is a method of exposing the data to demagnetizing using a magnetic field with greater intensity. The method provides a safe and effective means of removing all data previously written to a drive, tape or stored in a virtual data room. Degaussing equipment used is regulated and monitored and can make the hardware unusable if it’s used wrongly.
Keep your documentation secure by ensuring that it’s destroyed effectively when the time comes.