Management Toolkit

Don't take data-wiping methods for granted

Scott Lowe Tech Republic

Published: 13 Sep 2006 14:00 BST

A few years ago, a minor data breach may not have been considered a significant event in the life of an organisation. Today, however, even the smallest breaches open companies up to major public relations and legal nightmares, thus disproving the old adage that "any publicity is good publicity".

Because of the heightened sensitivity of personal data, companies must take significant steps to protect this kind of information. There are a number of items related to your various storage systems that you should keep in mind to help protect your company's data — and image.

Make sure your data stays your data by taking appropriate disposal steps with your storage devices and media, including:

Hard drives
Floppy disks
CD-ROMs
USB drives
Laptop storage
iPods

Misconceptions abound
Even with the spectre of data loss looming in the news, some companies still don’t take steps to delete data properly from computers that have been leased or are at their end of life. Companies are relying on outdated methods of data wiping that have been superseded by new technology.

For example, there was a time when IT staffers were told simply to format hard drives before sending a computer away at the end of its life. However, formatting alone became insufficient due to the widespread availability of cheap data recovery utilities. The same holds true for those that simply remove partitions. While this operation will make the data appear to vanish, the information is actually very, very recoverable.

In theory (and sometimes in practice), demagnetisers zap (degauss) a drive with a powerful magnetic field, thereby making data recovery very difficult. However, notice that I did not say impossible. Even these devices are not sufficient to protect a company when it comes to data compliance regulations. In many cases, a single degaussing won't do the trick.

Before I continue to discuss what your options are for securing your data, I should mention that there are many people out there who do not feel that the data on their computers warrants any special consideration. This is particularly true of home computer users, or computer users…