In an era where data breaches and cyber threats are becoming increasingly common, ensuring that...
Why is Data Destruction Important?
The IT Director had one simple order: destroy the data. The old hard drives—and the data they contained—needed to disappear. He didn’t care how; he didn’t really want to know. All he wanted was the company’s data to be safe. The young assistant was assigned the task. He tried waving the strongest magnet he could find over the drives. An older assistant said that wasn’t good enough. So, the young assistant took a hammer to the drives and even drilled holes in it. Sweating and convinced of his good work, his shoulders sagged when told by his elder that even all those precautions weren’t good enough. Fed up, the young man dropped the drives into a concrete container, locked it, and dumped both container and key into the river.
The older assistant fairly yelled at the young man when told of the drives’ fate. Even that wasn’t enough. Plus, the young assistant would need to extract the container from the river. Frustrated, the young man yelled out, “Then how far do I need to go to destroy all that data?”
How Important Is Data Destruction?
The above story may stretch incredulity, but it does stress a crucial point: data destruction done right should be a top priority for every business. As a company, you want to protect your data and make sure it never ends up in the wrong hands. Data breaches lead to lawsuits, fines, and loss of business. All that can be avoided when proper data destruction is enacted on old hard drives and outdated assets containing drives. It behooves every business concerned about its longevity to develop a solid program that can securely dispose of their sensitive data.
However, as the above story also illustrates, it’s possible to think enough has been done to destroy unnecessary data when that is not the case. How far does one need to go to achieve proper data destruction? “Homespun” measures like using a hammer or simply locking and hiding hard drives away might offer some protection but not enough. Various organizations and certifications were developed in the past 20 years to develop industry standards by which to measure how far is far enough when it comes to data destruction. In general, there are two options that are considered adequate ways to make data disappear: Sanitization and Shredding.
Data Destruction Option #1: Sanitization
Back in 1995, the US Department of Defense published an erasure algorithm known as DoD 5220.22 M. This standard called for overwriting the data on a hard drive with three passes of ones and zeros followed by a verification pass at the end. If the drive survived this procedure, it was considered clean of any data. Over the next decade, it underwent several revisions, at one point calling for a 7-pass wipe process. However, with the rise of solid-state drives (SSDs) and other flash storage, the old standard was found lacking. So, the NIST 800-88 standard emerged in 2006. This lowered the wipe time of drives by calling for only a 1-pass wipe.
With these standards in place, software has been developed for erasure/sanitization programs that safely destroy data on hard drives. The value of this method is that the drive can be used again instead of being irrevocably destroyed. As a result, this is not only good for the environment but also allows a corporation to reuse hard drives indefinitely. A problem arises when a drive physically fails or is no longer valuable for use. If it’s not worth wiping, what’s the next acceptable route for data destruction?
Data Destruction Option #2: Shredding
When most people think of data destruction, shredding—or some other form of physical destruction—is likely what they have in mind. On the surface, it seems like the easiest to employ without bringing in third-party help or sanitization software. Properly destroying a drive physically, though, is not as easy as hitting it with a hammer or drilling holes into its plates. Shredding the drive into strips, on the other hand, is the approved method.
With a drive physically torn apart, the damage to the disk is irreversible. Plus, throw a bunch of drives together for destruction and there will soon be a pile of mixed drives and disks that would be impossible to reassemble. When drives are physically destroyed like this, a company’s information is safe—beyond the hands of those who would use it to their own advantage. A new question arises: what to do with all the shredded material once the job is done? In fact, is there a flexible option that offers sanitization or shred? Why, yes, there is.
The Best Option for Data Destruction: Synetic Technologies
The main challenge for a company, of course, is finding a third-party vendor with a trustworthy program. Synetic Technologies has that program, backed by an array of top industry certifications. We offer virtual data destruction through an in-house developed sanitization technology. With the Virtual Data AnnihilatorTM, we keep detailed reporting of every wiped drive to allow clients the ability to pull details about each device. This route reduces the risk of a data breach while providing an environmentally friendly way to reuse old drives.
But Synetic is not a one-trick pony in the data destruction field, we also cover physical destruction with hard drive shredding. While we have a shredder at our secure facility, we also give clients the option to destroy drives on their campus with our mobile data destruction vehicle. This mobile option gives a concerned company the satisfaction of seeing sensitive data being properly destroyed. No matter where the drives are shredded, however, their mortal remains are disposed of in a responsible way as part of our across-the-board commitment to keeping our planet a clean, green place.
No corporation need ever worry if they're doing enough to destroy their data—not when Synetic is around! With our broad, comprehensive umbrella of data destruction services, we cover any need a company could have when it comes to best practices in this area. Put the drill and hammer down, and stop considering the river; Synetic can make sensitive data “disappear.”