Many professionals still don’t have the proper protocols in place when it comes to data destruction. There’s a lot of buzz about cyber-security. Organizations are slowly learning that they must hire an IT managed services provider to:
- Monitor their systems,
- Backup their systems,
- Ensure their systems and devices are secure,
- Provide disaster recovery, and
- So much more
However, there’s yet another key factor that organizations are missing, proper data destruction.
There is one level of data destruction, where you continue to use the device after you’ve wiped or reconfigured the data to some degree. However, the only secure form of data destruction is to completely, physically destroy the hard drive or other storage device with a hard drive crusher, blue ray crusher, solid state destroyer or similar tool.
“Over the last several years, we’ve worked with businesses in the finance, health care and government sectors to help them understand the need to permanently and verifiably erase data from IT equipment and devices. But while organizations may see the value of data removal when their equipment reaches end of life, they often overlook and dismiss the importance of erasing active files from desktop computers, laptops, external drives and servers. In doing so, they leave large volumes of sensitive, confidential and potentially compromising data exposed and vulnerable to loss or theft.”
Richard Stiennon, a former Gartner analyst.
While it’s important to wipe data from computers in active use, Stiennon’s thoughts beg the question, “Should we be physically destroying our hard drives more often?”
Many experts will admit that the biggest threat to security in a lot of organizations is a person who’s already on the payroll of those organizations. In addition, when a device stops working or is outdated and thrown into a storeroom accessible to dozens of essential and non-essential employees, has that data been disposed of properly? Not at all.
Is it possible that we should be destroying devices and hard drives:
- Whenever a staff member leaves or a new staff member joins the team;
- After certain levels of breaches; and
- After any sort of internal inspection or investigation?
The fact remains: when complete data destruction is necessary, so is physical device or drive destruction. Have modern companies really faced these facts? Contact us today at Phiston Technologies to learn more.