Cloud Magna Data Erasure Case Study

Vast amounts of sensitive data are stored in both data center and cloud environments, including employee records, customer information and intellectual property, just to name a few. And the simple truth of the matter is that typical file-deletion commands don’t truly remove all traces of data. They simply remove pointers to the disk sectors where data resides. For that reason, “deleted” data can still be recovered with common software tools. So while most CIOs and IT professionals are aware of such security dangers, they’re still not always taking the right precautionary measures. Worst of all, security breaches can impose heavy financial burdens, compromise the integrity of intellectual property and even put classified information into the wrong hands. Whether an organization operates its own data center, stores its data in the public cloud or provides cloud-based data storage to other firms, certified data erasure is the only sure-fire way to protect your business, your employees and your customers.

Cloud Magna, a provider of cloud computing, provides hybrid cloud infrastructure for any size company in the world. Its clientele includes both public and private sector organizations, such as corporations, academic institutions, small and medium-sized businesses and even government agencies.

Highlights

• Ensured sensitive data is permanently removed from enterprise workstations and servers before assets leave company premises
• 57% of IT professionals in data centers made undocumented changes**
• 39% of undocumented changes were root cause of some security breach or other**

* https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html
** 2014 State of IT Changes Study

Challenge

In July 2010, Mexico’s Federal Institute for Access to Information and Data Protection (IFAI) published the new Federal Law on Protection of Personal Data held by Private Parties. Then in November 2013, President Enrique Pena Nieto announced the country’s National Digital Strategy, which would focus on improvements in five key areas: connectivity, inclusion and digital skills, interoperability, legal framework and open data. And with this new initiative came the mandate to prove that data is erased permanently, without a shadow of doubt. Because the federal government of Mexico accounts for 80 percent of Cloud Magna’s annual revenue, it was paramount to meet this requirement if it hoped to win the government’s business year after year.

Previously, Cloud Magna used security software from Symantec for nearly 8 years, specifically for malware, encryption and anti-virus protection. But that changed when Symantec acquired PGP Corporation in 2010. The newly merged company was then able to offer its PGP Shredder solution. But because of the government’s tightened grip on data protection in Mexico, Cloud Magna knew it could not afford to do “business as usual” with Symantec. It had an obligation to investigate if the PGP Shredder solution would, in fact, guarantee certified erasure and provide a 100% tamper-proof audit trail that could be presented to government officials at the time of submitting contract bids. And that led to the discovery that the Blancco data erasure solutions were the only sure-fire way to safeguard against data breaches and cyber attacks.

Solution

Because transparency and regulatory compliance are so important, Cloud Magna’s IT administrators and managers use Blancco Management Console to monitor, track and report on erasures regularly. Whether it’s a corporation, a small or medium-sized business, an academic institution or a government agency, Cloud Magna’s customers now have the power to see and prove definitively that all servers, data centers, hard drives, computers/laptops, portable flash media and mobile devices are truly erased.

The impact on Cloud Magna’s business has been tremendous. For one, our data erasure solutions have streamlined operational efficiencies and reduced asset management costs. In addition, the Blancco technical support team have become a critical extension of the company’s IT support staff with ongoing certification training, courses and seamless phone support. And finally, Blancco’s 18 certifications, approvals and recommendations from agencies like NATO, US Department of Defense and others have become a major point of differentiation that cannot be matched by any other software provider.

Results

Safeguarded 80% of the company’s revenue. Protected data for 3 million federal government employees. Saved $3.8 million in data breach costs.

“Our measurement is simple. We just look at if the data was truly erased. It’s either a 0 or 100.”

Jose Antonio Sanchez, CEO, Cloud Magna

About Blancco

As the de facto standard in data erasure, Blancco provides thousands of organizations with an absolute line of defense against costly security breaches, as well as verification of regulatory compliance through a 100% tamper-proof audit trail. Our data erasure solutions have been tested, certified, approved and recommended by 18 governing bodies around the world. No other security firm can boast this level of compliance with the most rigorous requirements set by government agencies, legal authorities and independent testing laboratories.