When you have sensitive information stored on a drive that’s no longer needed, how should you get rid of it?
Properly disposing of unneeded data is an important part of protecting your business’ security and privacy. Data that’s truly been destroyed is impossible to use, but not all data that appears to be removed has truly been erased. This is important because data left on devices can be recovered. For example, if your business throws out old hard drives, someone who finds the drive could recover the information kept in it.
The two key practices for safely disposing of data are:
- Overwriting. When you need to remove data from a hard drive, but still plan to use the drive itself, it is not enough to press delete. Deleting files on a drive only removes the reference your computer uses to find the data. The data is not truly gone until something replaces its space on a drive. This is called overwriting.
- Physical destruction. If you are replacing hardware, such as a hard drive or a USB stick, the best thing to do for data security is to physically destroy the device. There are disposal companies that can do this for you or you can do it yourself. Damaging a device is not always enough, however. It must be completely broken so that a computer cannot read the data. As an added precaution you can overwrite a drive before destroying it.
Safe disposal is an important part of preventing accidental privacy breaches.