Growing concerns about data privacy and leakage, and regulatory compliance, along with the ever-expanding capacity of data media, make it increasingly important that unwanted data storage components, including anything containing storage components (such as PCs), be properly handled when it has reached the end of its useful lifetime, says Gartner, in its 'Best Practices for Data Destruction' report.
“Many organisations, and most of the mid-size to large ones, have policies on how information media should be disposed of at the end of its working life. However, even organisations that have a long history of carefully destroying obsolete tapes and hard drives are increasingly letting sensitive data leak because they are not aware of all the forms that it takes,” the report states. “Although encryption can help reduce the level of data leakage, for the near future, no organisation can expect to comprehensively protect all forms of sensitive information through encryption. There will always be information media that contain sensitive clear text data that need to be properly dealt with at the end of its productive life.
“In addition to devices that are explicitly meant for storage, a growing variety of hardware, including obsolete and broken components, contains persistent storage media. Storage devices and device-containing components are regularly taken out of active use so they are no longer under the direct control of the data owner or user, potentially allowing the contained data to leak to inappropriate persons within the organisation, or outside of it.
A growing variety of hardware, including obsolete and broken components, contains persistent storage media.
Gartner
“No data-carrying hardware or backup medium should ever be allowed to leave the control of the enterprise without first undergoing a data destruction control decision. Although few organisations have the discipline necessary to control CDs and DVDs, intelligence and military organisations do have this capability. Surplus equipment, or the media within it, and discrete storage media, can be recycled for additional use within the company, sold or donated, or discarded. The decision about which is appropriate should be based on an analysis of the sensitivity of the data that is potentially contained and the cost versus benefit of the sanitisation method chosen. The best practice is to ensure that no re-used or discarded storage device contains any readable or recoverable data, which can be accomplished by logical or physical destruction,” the report asserts.
“Data media usually contain large amounts of recoverable data, even after extensive impact, water or fire damage. The routine use of encryption, especially full-device encryption, dramatically reduces the potential for end-of-life data leakage, plus, green computing and data-wiping functionality built into PC hard drives are encouraging greater use of non-destructive data sanitisation processes,” the report notes.
Gartner has the following recommendations:
* Follow a life cycle approach to IT risk management that includes making an explicit decision about data destruction.
* Ensure that all media carrying sensitive or regulated organisational data, corporate owned and personally owned, is properly disposed of at the end of its production use.
* Implement data destruction policies that provide specific guidance on the form of destruction that is appropriate, based on data sensitivity.
* Total destruction is the preferred method of sanitisation for highly sensitive data.
* Document all data sanitisation processes and transactions. Assume that you may go to court, so prepare in advance.
* Include suitability for non-destructive data sanitisation as a "green" requirement when procuring all data-carrying components.
* Report courtesy of Gartner, information sourced from: Best Practices for Data Destruction, Jay Heiser, Frances O'Brien, 27 May 2008.
Share