What is Data Destruction?
Data destruction is the intentional, permanent and irrevocable removal of data, specifically digital data stored on memory storage devices, which include data storage, mobile devices, and Internet of Things (IoT) devices. If the data is not properly cleansed, personal and/or confidential information such as photos, company documents, emails, invoices, and passwords can be recovered.
Why is it Necessary?
Data management and destruction decisions occur throughout the information life cycle. Data destruction is a fundamental part of a holistic and mature approach to governing information, and paramount in preventing sensitive data from being accessed by unauthorised persons. Although data has a high value in most businesses, it also has an ongoing maintenance cost and may be subject to policies that necessitate destruction. Studies conducted within the field of media and data recovery demonstrate how easily data can be retrieved, even after efforts have been made to cleanse the storage device. While some cases of unwanted recovery of data occur when a device is lost, a larger number of instances can be attributed to the improper disposal of data due to inadequate cleansing.
Improper Data Destruction
With a multitude of brands and devices offering data destruction services to the end user, it is unsurprising that users may make misinformed decisions on the disposal of data. Two of the most popular and misunderstood options, which do not result in data erasure, are formatting and factory reset. These methods are primarily used for preparing new devices for use; however, they always leave recoverable files, as only metadata (which can point to the location of data) is removed. Information left behind after attempted destruction is known as data remanence, which can cause unintentional leaks of sensitive information. There are many common ways to recover data, such as simply restoring a file from the recycle bin, or using programs to identify files that can be ‘found’ through signature-based analysis, which recognises common file formats. Data on magnetic media that has been overwritten only once can also be retrieved by direct observation with an electron microscope.
Proper Data Destruction
There are three common methods of data destruction that are more permanent:
Data Erasure - The process of overwriting data to reduce the likelihood of its retrieval from a storage device. There are physical methods for magnetic media, such as degaussing (applying strong magnetic fields to disrupt stored data) and heating (bringing the disk above the Curie point, where it becomes non-magnetic). Data erasure can also be achieved using software, which writes random, empty, or patterned data in order to destroy any evidence of the original data.
Cryptographic Erasure - Where strong full-disk encryption (FDE) has been used to guard the contents of a storage device, this method erases the key material which could be used to decrypt the data. Once the key material is securely erased, the data stored on the encrypted volume can no longer be read.
Physical Destruction - The process of physically shredding hard drives, smartphones, printers, laptops and other storage media into tiny pieces, making them extremely difficult, if not impossible, to reassemble.
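The difference between formatting and software data erasure can be shown on a toy disk image. The following is an added example, not code from the original article; the disk layout (one metadata block followed by data blocks), the file name and the sample bytes are constructed assumptions.

```python
BLOCK = 512
ENTRY = 32                                   # toy file-table entry: 16-byte name, offset, length
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"             # real PNG header signature
PNG_END = b"IEND\xaeB`\x82"                  # real PNG trailer chunk

def build_image():
    """Constructed toy disk: block 0 holds the file table (metadata), blocks 1-7 hold data."""
    secret = PNG_MAGIC + b"constructed-sample-pixels" + PNG_END
    image = bytearray(BLOCK * 8)
    entry = (b"photo.png".ljust(16, b"\0")
             + (3 * BLOCK).to_bytes(4, "little") + len(secret).to_bytes(4, "little"))
    image[0:len(entry)] = entry
    image[3 * BLOCK:3 * BLOCK + len(secret)] = secret
    return image, secret

def list_files(image):
    """What the user sees: names read from the file table only."""
    names = (bytes(image[off:off + 16]).rstrip(b"\0") for off in range(0, BLOCK, ENTRY))
    return [n.decode() for n in names if n]

def quick_format(image):
    """Formatting / factory reset as described above: only the metadata block is cleared."""
    image[0:BLOCK] = bytes(BLOCK)

def carve_png(image):
    """Signature-based analysis: ignore metadata and scan raw bytes for PNG header and trailer."""
    found, pos = [], 0
    while (start := image.find(PNG_MAGIC, pos)) != -1:
        end = image.find(PNG_END, start)
        if end == -1:
            break
        pos = end + len(PNG_END)
        found.append(bytes(image[start:pos]))
    return found

def overwrite_erase(image, pattern=b"\x00"):
    """Software data erasure: overwrite every block with a pattern, then read back to verify."""
    for off in range(0, len(image), BLOCK):
        image[off:off + BLOCK] = pattern * BLOCK
    return all(image[off:off + BLOCK] == pattern * BLOCK for off in range(0, len(image), BLOCK))

if __name__ == "__main__":
    image, secret = build_image()
    quick_format(image)
    print("files listed after format:", list_files(image))
    print("files carved after format:", len(carve_png(image)))
    print("overwrite verified:", overwrite_erase(image))
    print("files carved after overwrite:", len(carve_png(image)))
```

After the format the file table is empty, yet the carve still returns the full file; only the verified overwrite leaves nothing to find.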
It is worth considering the value of information stored on personal and professional devices over their operating life. Choosing an appropriate disposal method to protect that data should be part of the documented life cycle of these devices. At an organisational level, appropriate policies on data storage, encryption, retention and destruction should be implemented. This can aid in mitigating the high costs associated with data breaches such as loss of customer trust, breach of regulation, financial loss, and other preventable occurrences.
Alcorn Group has experience in a range of governance, risk and compliance services including conducting reviews of data management policies to aid in mitigating these risks.