What is clear from a study by Glamorgan University is that the failure to manage data security risks remains a global problem.
The tide of instances where sensitive information is “found” on retired hard drives is yet to be stemmed. In our experience, the reason for this is that organisations do not conduct thorough assessments of the particular security risks that apply to them.
Organisations must examine every part of the data storage and destruction chain – including contractors and partners who may fall outside of internal procedures. Many do not do this until it is too late.
To be completely sure that information does not end up in the wrong hands, data on hardware that will be recycled should be erased on-site using accredited software.
Ultimately, security measures should be seen as an enabler of business, not a hindrance, and data protection must be uniform across an entire organisation – this is the only way to ensure the best possible protection of data.
Chief data recovery engineer, Kroll Ontrack UK