Data sanitization makes your data permanently unrecoverable, but don’t leave without verification.
Sometimes being careful is still not enough. Organizations rightly pour resources into preventing data breaches while their electronic equipment is in use, but what happens next? It is equally important to establish protocols for end-of-life (EOL) equipment.
These days, your organization likely has legal and regulatory duties to consider. You can hardly escape the need to make sensitive customer and proprietary data fully irretrievable.
As Gartner notes in its Hype Cycle for Data Security report: “growing concerns about data privacy and security, leakage, regulatory compliance, and the ever-expanding capacity of storage media and volume of edge computing and IoT devices are making robust data sanitization a core C-level requirement for all IT organizations.”
But a third party that pledges to take the task of data sanitization off your plate is not the same as the job being done right.
Before you hire a partner for IT Asset Disposition (ITAD), it is helpful to know what data sanitization actually entails. It will help you eliminate any possibility of legal repercussions. Moreover, you can avoid a potential public relations disaster for a job gone wrong.
Here’s what you should know.
Verified data destruction is crucial
The TechTarget definition of data destruction goes like this: “the process of destroying data stored on tapes, hard disks and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorized purposes.”
Although this may sound like an endpoint, it is not. However strong the language, the definition includes no confirmation that the process actually destroyed the data. In other words, unverified destruction leaves your data vulnerable. The ever-expanding library of data protection standards demands more. For highly regulated industries, such as telecommunication and healthcare, nothing short of data sanitization will do.
A sanitized device has no usable residual data and cannot be recovered even with the help of advanced forensic tools. In other words, although data sanitization and data destruction are often used interchangeably, the former takes the latter to another level. In essence, it confirms, using recognized verification methods, that the data is permanently irrecoverable.
The methods matter
According to the International Data Sanitization Consortium (IDSC), there are three ways to deliberately, permanently, and irreversibly remove or destroy data stored on a memory device: physical destruction, cryptographic erasure, and data erasure. The nature of your business, the data at hand, and the stringency of the regulations that you need to meet determine which method is right for you.
Let’s take a quick look at each:
- Physical destruction is the process of destroying hard drives, smartphones, printers, laptops, and other storage media, either by shredding them into tiny pieces with large mechanical shredders or by using degaussers. Although this method is effective, it’s not the most environmentally friendly option. It also removes the opportunity to recoup value by remarketing the asset.
- Cryptographic erasure, or crypto erase, is the process of encrypting the entire data storage device with encryption software and then erasing the key used to decrypt the data. Although it is a quick and effective method, IDSC still cautions that it is best used in transit or for information deemed non-sensitive. Since data does remain on the device, it should not be the method of choice. This is especially true when you need to meet certain regulatory requirements.
- Data erasure is the software-based method of securely overwriting the data on a storage device by writing zeros and ones to all sectors of the device. This method achieves the highest form of data security. Furthermore, it is often the recommended method for the sanitization of highly sensitive data. And unlike other methods, it produces a tamper-proof certificate. The certificate verifies that the erasure was a success and records data about the device and the standard used. IDSC also points out that data erasure supports environmental initiatives and protects the resale value of the storage devices.
Receiving proof of destruction
So, how do you know your recycler performed the job in accordance with data protection standards?
Since you shouldn’t take just our word for it, here’s Gartner again: “ensure your ITAD vendor provides a certificate of data destruction with a serialized inventory of the data-bearing assets they sanitized. Include a clause within your ITAD contract giving you the right to audit the ITAD vendor’s data sanitization processes/standards to ensure their compliance with your security and industry standards (e.g., NIST 800-88). Regularly (e.g., annually) verify that your ITAD vendor consistently meets your data sanitization security specifications and standards.”
The NIST standard (from the National Institute of Standards and Technology) provides the most comprehensive guidelines for media sanitization. Another widely used standard from the U.S. Department of Defense is DoD 5220.22-M, also known as the National Industrial Security Program Operating Manual or NISPOM.
Your ITAD partner must sanitize data in compliance with both, as well as, when applicable, HIPAA, the federal standard for the protection of sensitive patient health information.
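One way to act on the serialized inventory that Gartner recommends is to reconcile it against your own record of what left the building. The following is an added example, not part of the original article or any vendor's tooling; the CSV column names, the serial numbers, and the accepted-method policy are constructed assumptions.

```python
import csv
import io

# Constructed sample: your own register of data-bearing assets handed to the vendor.
ASSET_REGISTER = """serial,asset_type
SN-1001,laptop
SN-1002,server-hdd
SN-1003,smartphone
SN-1004,server-ssd
SN-1005,printer
"""
# Constructed sample: serialized inventory from the vendor's certificate (column names assumed).
VENDOR_CERTIFICATE = """serial,method,standard,verified
SN-1001,data erasure,NIST 800-88,yes
SN-1002,physical destruction,NIST 800-88,yes
SN-1003,data erasure,,yes
SN-1004,data erasure,NIST 800-88,no
SN-9999,data erasure,NIST 800-88,yes
"""
# Assumption: the methods and standards your own policy accepts for regulated data.
ACCEPTED_METHODS = {"data erasure", "physical destruction"}
ACCEPTED_STANDARDS = {"NIST 800-88", "DoD 5220.22-M"}


def reconcile(register_csv, certificate_csv):
    """Return {serial: [findings]} for every asset or certificate line needing follow-up."""
    sent = {r["serial"].strip() for r in csv.DictReader(io.StringIO(register_csv))}
    findings, seen = {}, set()
    for row in csv.DictReader(io.StringIO(certificate_csv)):
        serial = row["serial"].strip()
        seen.add(serial)
        checks = [
            (serial not in sent, "serial not in our asset register"),
            (row["method"].strip().lower() not in ACCEPTED_METHODS, "method missing or not accepted"),
            (row["standard"].strip() not in ACCEPTED_STANDARDS, "standard missing or not accepted"),
            (row["verified"].strip().lower() != "yes", "no verification recorded"),
        ]
        issues = [msg for failed, msg in checks if failed]
        if issues:
            findings.setdefault(serial, []).extend(issues)
    for serial in sorted(sent - seen):  # assets that left the building but were never certified
        findings.setdefault(serial, []).append("asset sent but absent from certificate")
    return findings


if __name__ == "__main__":
    for serial, issues in sorted(reconcile(ASSET_REGISTER, VENDOR_CERTIFICATE).items()):
        print(serial, "->", "; ".join(issues))
```

Any serial that appears in the output is an open item to raise with the vendor before the disposal batch is closed.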
To summarize: No guarantees or promises can take the place of official verification and certification when it comes to data sanitization. Only then can you rest assured that your data will never fall into the wrong hands.