End-of-life IT assets present critical challenges to all businesses that handle sensitive data. Factory resets and hard drive formatting leave valuable data behind, so any method that fails to verify complete data destruction risks leaving data accessible.
By Bridgette Vermaak, ITAD specialist at Xperien
There are important considerations when decommissioning end-of-life electronics and data storage devices. To ensure no sensitive data is left behind, Xperien has introduced a decommissioning checklist for PCs, laptops, and other IT assets.
All electronics and hard drives will have to be retired eventually, even if the data gets transferred to another device. For this reason, it is critical that all stored data is made permanently inaccessible during the decommissioning process.
When it comes to end-of-life data protection, confidentiality is the primary concern. This is particularly true when data could cause great financial loss, brand damage or other harm if made available to the wrong people.
Even if this once-valuable data is completely obsolete or unimportant to the company now, it can still be valuable for hackers and black market data brokers. Businesses cannot risk data leaks from data that can be found or reconstructed from discarded storage devices; it could lead to heavy fines, huge financial losses and reputational damage.
So how does one make sure all highly sensitive data is completely destroyed at end-of-life?
Sanitisation
Data sanitisation is the process of deliberately, permanently and irreversibly removing or destroying the data stored on a memory device to make it unrecoverable. This definition is in line with Gartner’s 2019 Hype Cycles. A device that has been sanitised has no usable residual data, and even with the assistance of advanced forensic tools, the data will never be recovered.
According to Gartner, there are three methods to achieve data sanitisation: physical destruction, cryptographic erasure and data erasure.
The pros and cons of cryptographic erasure are explained in Blancco’s white paper titled ‘The Crypto Erase Conundrum: What’s Your Organization’s Risk Tolerance?’. Although shredding drives and degaussing are often considered the preferred methods of final drive destruction, how does one know the best sanitisation method – and whether to choose physical destruction or data erasure?
It is important to understand whether the data one needs to protect will still be considered high-risk or highly confidential for months or years to come. This is critical as data recovery techniques become more advanced and data recovery tools and skills become more commonplace. This may also influence the decision on whether one wants to meet, or exceed, bare minimum regulation requirements.
For sensitive data that will remain valuable for a long time, one needs to ensure that it is successfully removed from devices and device fragments for both now and in the future.
Even if an old drive holding sensitive data will be reused within the same company, it must be thoroughly sanitised in a way that protects the data while preserving the life of the drive. This allows a drive previously used, for example in the finance department, to be re-distributed to another department without the fear of staff salaries and bank account details being exposed internally.
However, once a drive leaves the company, the company no longer has any control over potential data access. Any residual data may be exposed long after the company has disposed of these assets.
Data sanitisation procedures can provide adequate data protection for most needs for most companies, if executed properly from the beginning to the end of the process. Any company concerned about protecting data at end-of-life must realise that trouble occurs when data sanitisation is executed incorrectly.
Physical destruction and secure data erasure
Physically destroying hard drives, laptops, PCs, mobile devices and other storage devices offers objective acknowledgement and verification of data erasure’s security and effectiveness. However, data may still be recoverable. It is therefore recommended that one first performs secure and complete data erasure.
Secure data erasure can be done in live environments or be applied to hundreds or even thousands of drives onsite. With a thorough chain of custody process in place, it can also be performed at an ITAD facility. After devices have been erased, one can safely destroy them without fearing human error, unintentional loss or deliberate hacking.
Other risks
There are still other risks, even if the correct data disposal processes are followed precisely for each drive type. One needs rock-solid chain of custody measures in place in any physical destruction scenario or there’s a risk of loss or theft simply by giving a third-party data destruction service access to one’s devices.
Whether destruction is conducted on-site with mobile shredders or degaussers, or transported to an IT asset disposal (ITAD) facility, there is always risk involved since there are many points of vulnerability.
Carefully vet service providers: ensure secure transit of drives, check for adequate staff clearance, and require a clear audit trail of each device from receipt through sanitisation to disposal. Also ensure that all equipment is in good working order and that all staff are well trained in the correct drive destruction and verification processes.
Applying these practices when looking for a data destruction vendor will reduce the risk and minimise the chances of data being susceptible to breach.
Just as care should be taken when selecting a drive destruction provider, it’s important to choose your data erasure solution carefully. For example, Blancco data erasure software has been tested, certified, approved and recommended by more than 15 governing bodies around the world.
Its data erasure software erases to more than 25 standards and provides tamper-proof reports to meet security and regulatory compliance requirements.