Information deletion

In today’s interconnected digital age, information has become an invaluable asset. From personal records to business transactions, vast amounts of data are generated and stored every day. However, with the rise of cyber threats and privacy breaches, it has become crucial to recognize the significance of deleting information in accordance with information security standards. Deleting data not only helps protect individuals and organizations from potential risks and liabilities but also upholds the principles of confidentiality, integrity, and availability within the realm of data protection.

Organizations across various industries are bound by strict regulations regarding the handling and retention of sensitive data. These regulations, such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA), emphasize the importance of securely deleting data when it is no longer required for legitimate business purposes. Compliance with these regulations not only helps avoid legal repercussions and financial penalties but also fosters trust and credibility among customers and stakeholders. By following information security standards and deleting data in line with legal obligations, organizations can demonstrate their commitment to responsible data management.

In the unfortunate event of a data breach, the consequences can be far-reaching and devastating. Hackers and cybercriminals are constantly seeking access to valuable information that can be exploited for financial gain or other malicious activities. By implementing effective data deletion practices, organizations can reduce the impact of a potential breach. By deleting unnecessary data, particularly personally identifiable information (PII) or sensitive corporate data, the attack surface is minimized, making it harder for unauthorized parties to gain access to valuable assets. Moreover, deleting data that is no longer needed reduces the likelihood of accidental exposure or unintentional data leakage, mitigating the risk of reputational damage.

Effective data management is also a good reason for deleting information which is not needed anymore. Data storage is not an infinite resource, and as data volumes continue to grow exponentially, organizations face challenges in managing their data effectively. Storing vast amounts of unnecessary or redundant data not only increases storage costs but also makes data retrieval and analysis more time-consuming and complex. By adhering to information security standards and regularly deleting outdated or duplicate data, organizations can optimize their resources and enhance operational efficiency. Effective data deletion practices also contribute to streamlined backup processes, faster system performance, and improved data quality.

How

In general, sensitive information should not be kept for longer than it is required. This sounds easy, but when you think about it, some potentially hard questions arise: how do I prove I have deleted certain information, how do I manage the deletion of information when it's stored at a supplier, and which deletion method should I choose (do I have a choice)?

Deletion methods
There are various methods to delete information, each with its pros and cons. Which one you choose depends on the type of information you need to delete, which methods are available to you, and possible requirements from regulations. Here is a short list of the most common methods:

  • Delete
    Deleting a file from an electronic device may remove it from a folder, but does not actually destroy the data on the device. Additional measures might be needed to actually destroy the information.
  • Wipe or erasure
    With a wiping or erasure technique, the data is overwritten (normally several times) so that it can no longer be read. The device that stored the data is still usable. Depending on the type of technique and the amount of data, it can be a time-consuming process.
  • Degaussing
    This is a technique used when the information is stored on magnetic storage devices, like hard disks, SSDs, tapes, etc. It uses a high-powered magnet that disrupts the magnetic field of an electronic medium. This technique can effectively and quickly destroy the information on the magnetic storage device, but it can also destroy the device itself.
  • Physical destruction
    There are multiple ways to physically destroy information and its storage medium, like shredding, incineration, or simply smashing it to bits with a hammer. Depending on the type of storage medium, the replacement costs can be high.

Proof of destruction
After the information has been destroyed, you might still be required to prove that it is destroyed. But how do you prove that you don't have certain information anymore? That's why it is important to log your deletion actions. When using specific tools for the destruction of information, such as wiping or erasure tools, keep the activity logs of these tools safe, as they can provide you with the correct evidence.

When the destruction of information is outsourced to a third party, make appropriate agreements on how they destroy the information (which methods) and how they can provide you with the evidence. Most of the time, third parties provide you with a certificate of destruction.
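The advice to log deletion actions can be made tamper-evident by chaining each log record to the previous one with a hash. The following is an added example, not part of the original article: it overwrites a file, removes it, and records the action; the function names, record fields, method label and sample file are assumptions made for illustration.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone
GENESIS = "0" * 64  # prev_hash used by the first record

def wipe_file(path, passes=3):
    """Overwrite a file in place with random bytes, then remove it.
    Returns (sha256 of the original content, size) for the evidence record.
    In-place overwrites are not reliable on SSDs or copy-on-write filesystems."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
        for _ in range(passes):
            f.seek(0)
            f.write(os.urandom(size))
            f.flush()
            os.fsync(f.fileno())  # push each pass out to the device
    os.remove(path)
    return digest, size

def hash_record(rec):
    """SHA-256 over every field except the record's own hash."""
    body = {k: v for k, v in rec.items() if k != "record_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def log_destruction(log, item, method, operator, digest, size):
    """Append a record that is chained to the previous one via prev_hash."""
    rec = {"item": item, "method": method, "operator": operator,
           "sha256_before": digest, "size": size,
           "time": datetime.now(timezone.utc).isoformat(),
           "prev_hash": log[-1]["record_hash"] if log else GENESIS}
    rec["record_hash"] = hash_record(rec)
    log.append(rec)
    return rec

def verify_log(log):
    """Detects edited, reordered or dropped-in-the-middle records."""
    prev = GENESIS
    for rec in log:
        if rec["prev_hash"] != prev or rec["record_hash"] != hash_record(rec):
            return False
        prev = rec["record_hash"]
    return True

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile(delete=False) as tmp:  # constructed sample
        tmp.write(b"name=Jane Doe; constructed sample record")
    log = []
    log_destruction(log, tmp.name, "overwrite-3-pass", "alice", *wipe_file(tmp.name))
    print(os.path.exists(tmp.name), verify_log(log))
```

Removing records from the end of the chain is not detected by `verify_log` alone, so the most recent `record_hash` should also be kept somewhere outside the log.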

Risks

The risk when deleting information lies in choosing the right method for your situation, given the options that you have or are able to get. When the information is very sensitive, you need to make sure that the data is actually destroyed and cannot be retrieved in any way. Old hard drives containing sensitive information are still found on dump sites!

Make sure that you have proof of the destruction of information, especially if that information falls under a regulation like the GDPR or HIPAA. When information is leaked and the cause points at your organization, you will need this evidence to show you did everything to keep that information safe.

Example Control Ruleset

When the following controls are used, you should be compliant on this topic:

  • information must be destroyed when no longer needed
  • the method used to destroy information matches the sensitivity (higher sensitivity means more secure method)
  • destruction of information is recorded or registered
  • there are clear agreements with third parties who store sensitive information on how they destroy the data


Related links

Manage personal data at Microsoft Azure
Handling data erasure requests within Amazon S3 – AWS
Deleting objects in Google Cloud