The Importance of Secure Data
Wipe
Many companies nowadays have chosen to contract IT services and
comprehensive solutions, instead of buying their own equipment, this
(sometimes) due to the advantages and benefits that we have briefly in " The Advantages of contracting managed ICT services for your company”,
but nobody tells us what will happen after the end of our contract, whether we
renew or definitively terminate, and if the latter is the case, how do we
ensure that our information does not fall into the wrong hands? That is
why we present you: The importance of
making a secure deletion at the end of your contract.
Where
does the information go?
Companies, regardless of their
size or their sector, base their activity on information: databases, text
documents, files, images, etc. The information life cycle, in a simplified
way, consists of three phases: generation, transformation and
destruction. All information has a useful life whether it is in digital
format (CD, DVD, USB Flash, magnetic disks, memory cards) or in traditional
formats (paper, microfiche, films). When the life of the documents comes
to an end, erasure mechanisms must be used to prevent them from being
accessible to third parties.
Information on all kinds of equipment
Today, companies not only have to
deal with tape backups and hard drives, but there are also mobile devices,
memory cards, and now more than ever virtualized environments. No matter
what type of data a company produces, it is essential to manage it safely and
in compliance with regulations, not only during storage and transit, but also
at the end of its useful life.
Everyone should understand the
importance of a secure erasure of their data. Regardless of whether you
want to sell a used Smartphone on eBay or have a company legally obligated to
destroy sensitive information, implementing secure data destruction practices
can prevent difficult situations such as a data breach.
A bit of Statistics
According to projections by The
Radicati Group , in 2021
we will be sending 320,000 million emails per day. An immeasurable amount
of data that leads to the use of too much information. Companies create
much more Big Data than before and at an increasingly rapid rate.
In the 2019 New Vantage Big Data
and Artificial Intelligence Executives survey, 91.6% of organizations are
investing in Big Data and artificial intelligence, this with the aim of
ensuring their transformation into agile and competitive companies. The
foregoing comes up for the use of all this information, because if you have a
contract in relation to an IT project with, for example, 48 months of validity,
with services of computer equipment, printers, servers, etc., When the time
comes to terminate this contract, you must choose to completely eliminate the
information of the equipment to be returned, information taken from emails and
all that data that will no longer be used, must be deleted to avoid damages and
mishandling of such information.
Benefits of a secure Data
Wiping:
Once we understand why the
information should be deleted after the contract, we can move on to the
benefits of secure deletion:
·
Secure Data Wipe on all computers involved. The
erasure of information is at the physical, logical and virtual level of HDD and
SSD hard drives, cell phones and tablets, SAN and NAS storage, logical drives
and virtual machines, etc.
·
Erasure report with digital signature. This
report will provide information on the entire erasure process, with the digital
signature of the expert provider, which endorses and details in its report on
all the equipment that was intervened in the erasure, among other tools that
may be useful in audits.
·
Compliance with Standards. A good
secure Data Wiping
service provider, or the same company that you signed a contract with, should
ensure compliance with state, federal, and international regulations and
guidelines. (some include “INAI's Secure Erasure Guide), Digital
Certification, Erasure Report as evidence of the process with digital
signature, etc.
Situations that a secure Data
Wiping wants to avoid
1-
The legal sanctions for non-compliance with the legislation that
regulates the treatment of personal information.
2-
Image damage derived from the disclosure of information that
should have been erased or media and equipment, with confidential information,
that should have been destroyed.
3-
Conservation and custody costs beyond the necessary time.
4- Risks due to theft or improper use of confidential information.
Secure Data
Wiping Policies
It is imperative that every company has a policy for the secure
erasure of information from the storage devices with which it works, which
contains at least the following elements:
Appropriate media
management:
A)
Track the devices that are in operation, the
people or departments responsible, the information contained in them and their
classification based on the degree of criticality for the business.
B)
Carry out the supervision of the devices that
store the backup copies of this data.
C) Control any operation carried out on a device: maintenance, repair, replacement, etc.
D)
In the transfer of storage devices to
facilities outside the company, ensure that the chain of custody of the same is
met, to avoid information leaks.
Documentation of the
erasure operations carried out:
Confidential information has a reason for use, in addition to a
useful life cycle that, at the end, must be wiped to avoid mishandling by third
parties, so we recommend you go to experts on the subject who at any time can
advise you on the process the secure erasure of your information.
No comments:
Post a Comment