3 rules for secure data removal from storage media
Institutions and enterprises, in accordance with applicable regulations, are obliged to ensure the security of information they store. What if there is a need to get rid of particularly sensitive data saved on electronic media? It is worth knowing some key principles how to proceed so that they are removed in a safe and irreversible way.
SEARCH FOR A SPECIALIZED SERVICE PROVIDER
Use only the services of companies that specialize in the field of data deletion. The extremely low price for the destruction of e.g. one disk should always be a warning signal. It is worth checking then what qualifications your company has? What equipment does it use? Does it have the appropriate certificates and references? Does it apply strict security standards? Does it offer a process of filming the performed service? Remember that a company specialized in the field of data destruction should have special rights – for example, an ISO certificate as part of the service of erasing information from storage media.
BUY A PROFESSIONAL DEGAUSSER AND / OR SHREDDER
If you do not want to use the services of an external company, you can purchase the appropriate equipment that will delete data from the media. Here, producers of demagnetizers / degaussers – devices that destroy the data of magnetic carriers (hard disks, magnetic tapes) with the help of a strong electromagnetic pulse come in handy. It is important that the degausser operates in accordance with applicable global security standards and guidelines for data destruction. When choosing a device, it is worth paying attention to additional functionalities (e.g. scanning media by the application on a mobile device, which facilitates the process of reporting the amount and type of demagnetized media).
Another effective way to remove data from storage media is to use a shredder that will physically deform or fragment it. Automatic or manual models are available on the market. When buying a device, it is worth paying attention to which standards the machine operates.
Many companies have strict standards on how to remove information from media. They recommend using a demagnetizer first and then a shredder.
Persons responsible for information security in an enterprise or institution should be aware of the consequences of ignorance or simple negligence in the storage and destruction of data. That is why it is worth focusing on cyclical training of IT managers in the field of applicable regulations and safe and effective methods of data destruction. It is these people who most often decide how to dispose of data that the company has. And the uncontrolled leakage of sensitive information can threaten a company not only financially but also legal consequences.