When we no longer need a certain media, we must dispose of it in a manner that ensures the data can’t be retrieved. This pertains to both electronic media and paper copies of data.
- Paper disposal.
- It is highly encouraged to dispose of ANY paper with any data on it in a secure manner.
- This also has standards and cross shredding is recommended.
- It is easy to scan and have a program re-assemble documents from normal shreds like the this one.
- Digital disposal – The digital disposal procedures are determined by the type of media.
- Deleting, Formatting and Overwriting (Soft destruction):
- Deleting a file just removes it from the table; everything is still recoverable.
- Formatting does the same but it also puts a new file structure over the old one. Still recoverable in most cases.
- Overwriting is done by writing 0’s or random characters over the data.
- As far as we know there is no tool available that can recover even single pass overwriting (not possible on damaged media).
- Degaussing destroys magnetic media by exposing it to a very strong magnetic field.
- Full physical destruction is safer than soft destruction:
- Disk Crushers do exactly what their name implies: they crush disks (often used on spinning disks).
- Shredders do the same thing as paper shredders do, they just work on metal.
- These are rare to have at normal organizations, but you can buy the service.
- Incineration, pulverizing, melting and acid are also (very rarely) used to ensure full data destruction.
- Disk Crushers do exactly what their name implies: they crush disks (often used on spinning disks).
- Deleting, Formatting and Overwriting (Soft destruction):
- It is common to do multiple types of data destruction on sensitive data (both degaussing and disk crushing/shredding).
- While it may not be necessary, it is a lot cheaper than a potential $1,000,000 fine or loss of proprietary technology or state secrets.