Which is more secure – physical destruction or data erasure?
As NIST explains, “Destructive techniques for some media types may become more difficult or impossible to apply in the future. Traditional techniques such as degaussing (for magnetic media) become more complicated as magnetic media evolves, because some emerging variations of magnetic recording technologies incorporate media with higher coercivity (magnetic force). As a result, existing degaussers may not have sufficient force to effectively degauss such media.”
Physically shredding flash storage presents security challenges, as the density of data per drive is progressively increasing while the drive size is decreasing. Typically, a shred width of 1/2″ or smaller is needed to break through the small memory chips and securely remove the data. Most standard industrial shredders will only shred to 1″ particle size—leaving data behind and available for hackers to restore with the right means.
Security throughout the full chain of custody can also be an issue. Tracking an asset at every step of its end-of-life journey (including during transportation to an off-site facility), is of the utmost importance. Sanitizing data onsite mitigates this risk, while also providing a full audit trail prior to destruction.
During the lifecycle of data, there are numerous levels of security to protect the integrity of that data (firewalls, encryption, etc). We take the same approach at the end-of-life or end-of-lifecycle by adding an additional layer of security by combining secure erasure and physical destruction in tandem, if physical destruction is required by regulation. That way, you’re adding an extra layer of secure protection to assets before they meet their demise.
How does secure data erasure result in monetary savings?
The average lifespan of a laptop is around four years, meaning 25 percent+ of an organization’s laptops are reaching end-of-life every year. Physically destroying valuable laptops, PCs, mobile phones and other IT assets not only comes with security risk (and a cost)—but also doesn’t give local public sector organizations the opportunity to erase and reuse those assets internally (saving money) or donate them to local schools in need. Simply storing assets with private data isn’t a great idea, either, as it can lead to sensitive data leaks. Data erasure is the only way to guarantee data sanitization across your IT assets with the confidence to reuse, resell or recycle them. And with Blancco’s scalable, plug-and-play solution, you won’t need to spend a lot of time or money on training employees.
How many overwrites are required for secure erasure?
Multiple overwrites are not necessary today, thanks to advances in technology. The common DoD standard does not account for newer technologies (such as SSDs) and recommends a three-pass method. However, the more recent NIST standard is now the go-to standard for the industry, as it takes newer technologies into account and has essentially replaced DoD requirements. This standard recommends a single, secure overwrite. Blancco offers both of these standards, along with 20+ others, allowing organizations the ability to choose the most effective, efficient method for their specific needs.
To continue reading, download the full PDF above.
[crp limit=”5″ heading=”1″ cache=”0″]