While many businesses or service providers do not realize it, most action performed on a computer, as well as file, document or physical record saved, is recorded on the device’s hard drive. As such, even the smallest companies or service providers can have a treasure trove of data that could be exploited by hackers. Here, the data forensics specialists at Atlantic Data Forensics detail how to safely destroy data to ensure your businesses’ valuable information is kept safe.
What is Data Destruction?
Data destruction is the process of implementing a protocol to get rid of data in such a way that it is protected from internal and external threats. This process goes beyond clearing a computer’s cache or cookies: safe data destruction should involve rigorous measures to purge unneeded or unnecessary data from company devices and drives. Data destruction may be digital or physical, depending on the needs of the company.
Federal and State Data Destruction Regulations
Federal regulations, such as FACTA, require businesses holding personal identifiable information (PII) to dispose of this information in such a way that it is reasonably irretrievable, unreadable and unusable. PII includes full names, telephone numbers, addresses, Social Security numbers, birthplace and date of birth, license number, passport number, fingerprints, genetic information and more.
At least 31 states have enacted laws that dictate how governmental agencies must store and dispose of data. In Maryland, the governing regulation is called the Department of Information Technology’s Public and Confidential Information Policy. This policy establishes different confidentiality levels of personal information, proper protocol for marking and storing information, protocol for disposing of information and how to handle data breaches. More information on these regulations can be found here.
Data Destruction Techniques
Data destruction can be a physical or digital process, and often requires both measures to properly protect the safety of personal information. Physically, information can be destroyed in several ways. Paper records may be shredded using a cross-cut paper shredder, burned or pulped. Hard drives can be destroyed using a hard drive shredder, or by enlisting the services of a data destruction company. Physically destroying a hard drive may be a valuable choice if an individual believes that the destruction of digital data has not been thorough.
Digital data destruction can require several steps to cause data to become irretrievable and unusable. Simply deleting files is not enough, so data destruction software should be used to overwrite deleted data with random data. Such software will cause selected information to become unreadable, and thus protected from breaches.
Digital data may also be destroyed through a process known as “degaussing.” This process alters the magnetic field of storage tapes and disk drives, ultimately preventing the data from being accessed. Degaussing can be complicated, however, and the individual responsible for overseeing it will need to know the extent of degaussing necessary to complete it properly.
How Atlantic Data Forensics Can Help
Virtually every company and government organization today has a vast amount of sensitive or confidential data. To prevent it from being accessed, you need secure data destruction to occur prior to disposing of digital devices such as desktop computers, tablets, company-owned smartphones, and other electronics.
Whether it’s internal or external data, it is important that you work with highly qualified data specialists so that your business or organization risks no liability once you have completed the process. Atlantic Data Forensics has worked in the computer forensics industry for years, and has the skills and know-how necessary to assist your company. For more information, we urge you to contact us today!