The surge in telecommuting and the heightened threat from cybercriminals in the wake of the global pandemic has put data privacy and security concerns at the forefront of businesses. To help mitigate potential risks, many organizations are detecting vulnerable access points that could lead to a data breach.
One access point often overlooked is sensitive information on decommissioned endpoint devices such as laptops, desktops, mobile phones, tablets and servers. This may include†:
- Personally identifiable information (PII): Data that could be used to identify, contact or locate an individual or distinguish one person from another
- Personal health information (PHI): Medical history, insurance information and other private data collected by healthcare providers that could be linked to a certain person
- Personally identifiable financial information (PIFI): Credit card numbers, bank account details or other data concerning a person’s finances
Sanitization and Disposition Options
When technology equipment is no longer in use, implementing stringent media sanitization and disposal protocols is a vital step to minimize the chance of data theft. To help ensure compliance with industry regulations and certify sensitive information doesn’t wind up in the wrong hands, organizations should follow the three sanitization methods recommended by the National Institute of Standards and Technology (NIST) Media Sanitization Guidelines.
Clearing data is the most common sanitization method and involves the use of software or hardware products to overwrite user-addressable storage space on media using the standard read/write commands on a device.
For hard disk drives (HDD), the security goal is to render the data irretrievable with at least a single write pass by replacing the target data with non-sensitive data such as a series of zeros. For solid-state drives (SSD), or if a company requires higher security measures be taken, multiple write passes or more complex values may be used to ensure data is completely erased.
For mobile devices or other office equipment in which rewriting is not supported, following the manufacturer procedures to reset the storage device to its factory state may be the only option to clear the device and associated media.
- Pro: An easy and cost-effective option that can be performed on-site by trained IT staff to overwrite data on storage medium.
- Con: Overwrite may not provide complete sanitization for all media types and sizes and cannot be used for media that is damaged or not rewriteable.
Purging data is accomplished by using a variety of logical and physical techniques to render target data infeasible to recover, even in a laboratory environment.
The way media is purged varies by media type and may include overwrite, block erase, and Cryptographic Erase‡. These techniques bypass the abstraction inherent in typical read and write commands to sanitize the device and require the removal of hidden areas of drives such as Host Protected Areas (HPA) or Device Configuration Overlays (DCO), if they’re present¶.
- Pro: A highly effective option for confidential data since it provides a more thorough level of sanitization than Clear.
- Con: This method may render some types of devices inoperable which eliminates any potential end-of-life value.
The destroy method is the complete physical destruction of media. Not only will the information be unrecoverable using laboratory techniques, but it also hinders the reuse of the media itself.
The application of destructive techniques and procedures vary based on the media type and may be the only option when Clear and Purge methods cannot be effectively applied to the media—or when the verification of Clear or Purge methods fail. These techniques are highly specialized and are best carried out at a licensed facility with the capabilities to securely and safely disintegrate, pulverize, melt, and incinerate media.
One exception is flexible media (e.g. diskettes) which can be destroyed using a paper shredder once it is physically removed from its outer containers. It’s important to note that the shred size of the refuse should be in proportion to the confidentiality of the data and provide reasonable assurance that the data cannot be reconstructed. As an added measure, the shredded material can be mixed with non-sensitive material (e.g. shredded paper) to make data recovery even more difficult.
- Pro: There is no way to recover data or the media itself since it goes through the physical process of shredding, disintegration, pulverization, melting or incineration.
- Con: Media destruction and disposal requires state-of-the-art machinery and an experienced, certified IT asset disposal (ITAD) provider to successfully perform these services.
How We Can Help
Data plays a vital role in every business, but without an effective plan for retired IT equipment your organization could be at risk of losing sensitive information.
At Huntington Technology Finance, we work with you to develop a technology refresh strategy that includes asset chain of custody and accountability through certified ITAD providers, so you can be certain media is sanitized and disposed of in accordance with NIST guidelines.