Data destruction requires more than just encryption

Proper data destruction, through encryption, degaussing and other methods, requires a comprehensive approach, according to Gartner.

Most companies strive to analyze corporate data to improve the bottom line. But how many companies put the same time and effort into ensuring that corporate data is disposed of properly when it is no longer needed? Not nearly enough, according to a recent report from research firm Gartner Inc.

In 2006, for example, an American electronics retailer resold a returned hard drive with the original owner's data still stored within. More recently, in February, U.K.-based Fitness First simply discarded customer data in a regular garbage bag and left it on a street corner to be collected. The bag was later found, not far from the gym, ripped open, and Fitness First now faces potential lawsuits by its members for violation of Britain's Data Protection Act.

These are particularly egregious cases, and most large and midsized organizations have formal data-destruction policies in place, usually including data encryption, according to Jay Heiser, an analyst with Stamford, Conn.-based Gartner and the report's co-author. But encrypting data before discarding it is often not enough, Heiser said, and companies should develop comprehensive data destruction plans to ensure that data is disposed of appropriately.

Failure to do so could prove costly. Violating the bevy of regulatory and compliance rules enacted over the last decade for handling corporate and personal data, including the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act, can result in expensive lawsuits. In addition, a data breach can cause serious damage to the corporate brand.

"If you want to keep your company's name out of the newspaper for data leaks, data destruction is something you've got to ensure is being done carefully," Heiser said. "Just because you put your head in the sand doesn't mean the data isn't leaking out of your organization."

Reuse, recycle or destroy

In this age of global warming and green computing, pressure is mounting on organizations to reuse or recycle their computer hardware when possible. Overwriting -- replacing one set of data with another while still allowing the original data to be recovered -- is one method, Heiser said. Overwriting capabilities are built into nearly all hard drives, he said, but they can still leave traces of sensitive data.

"The trouble with normal overwriting is that it's slow and it's not actually 100% reliable, and [very often the data] can be recovered by a specialist lab," he said. "Normal overwriting is like trying to erase an Etch-A-Sketch. There's always something left behind."

A more effective form of overwriting, called Secure Erase, is a better option, Heiser said. Secure Erase capabilities began being built into hard drives in 2001, so they are not available on some older machines. "Secure Erase is a very fast, very secure form of overwriting that strongly resists any sort of laboratory, after-the-fact attempts to recover the data."

When reuse is not the goal, outright destruction of data sources -- rendering the data unreadable or otherwise useless -- is required. But destroying data sources is not as easy as it sounds, because hard drives and other magnetic media are extremely durable. "Data media usually contain large amounts of recoverable data, even after extensive impact, water or fire damage," Heiser writes in the report.

To destroy a data source adequately, organizations have two options, he said. The first is to expose magnetic data sources to a powerful magnetic field, obliterating any data they contain, a technique called degaussing. Degaussing requires specialized equipment, however, and is not suitable for nonmagnetic data sources like CDs and DVDs.

The second option is the old-fashioned approach: physically destroying data sources. Physically destroying small data sources like CDs and DVDs in-house with a cross-cut shredder is easy enough, Heiser said. But destroying larger devices, including computer hard drives, often must be carried out by an outside contractor, such as a "licensed metal smelter or incinerator facility." Companies should ask outside contractors to explain their destruction practices and to supply a certificate of destruction when the work is complete, he said.

Regardless of method, all companies should follow a life-cycle approach to IT risk management that explicitly plans for data destruction, Heiser said. To do otherwise could leave data and organizations at risk.
