Best Practices for the Destruction of Digital Data

Friday, August 31, 2012

Ben Rothke


It is often said that nothing is as simple as it seems.  Take for instance deleting data on your storage device.  For most people, all they think they need to do is delete the file. How mistaken they are.

As my friend Ryk Edelstein and his co-author Dr. Gordon Hughes detail in Best Practices for the Destruction of Digital Data, it is often not that simple.

The authors write that the ability to perform effective data deletion (the official terms is data sanitization) hasn’t kept pace with the advances in high capacity, hard drive storage technology. 

With laptops shipping with terabyte hard drives and 8GB USB sticks selling for $5.00, media often comes into organizations much quicker than it can be sanitized.

In 50 pages, the authors provide a comprehensive overview of the available technologies for effective sanitization.  It also details the specific practices necessary to develop effective data destruction policies. 

The need for effective media destruction is imperative; given that digital media is the data crown jewels of most organizations.  From payroll data, financial records, to personal information and company/trade secrets; there are terabytes of data that when it reached the end of its lifecycle, need to be effectively sanitized.  Using the wrong approach or using the correct approach in an erroneous manner can put an organization as serious risk.

Failure to adequately sanitize media can have catastrophic consequences to a business, including financial loss, damage to a company’s reputation, regulatory violations and civil and criminal liability for Directors and Officers.

Best Practices for the Destruction of Digital Data is a great resource written by two of the brightest minds in the industry that details how to implement a sanitization process and the tools needed to do it right.

While data destruction is not as simple as it seems; it has to be done and at $9.99, the price is definitely right and the information provided is invaluable.  After reading Best Practices for the Destruction of Digital Data, it will hopefully make a necessary task, somewhat simple.

Full disclosure, in case you didn’t notice it the second sentence, co-author Ryk Edelstein is a friend of mine and he gave me a copy of the book for free.  He also bought me lunch in 2011.

Cross-posted from RSA

Possibly Related Articles:
Security Awareness
Information Security
Compliance data destruction Enterprise Security Best Practices Data Loss Prevention Book Review
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.