Debunking Data Sanitization Myths

Data protection is critical for any organization. However, even after deleting or formatting sensitive data from storage drives or devices, it is still prone to be recovered. Now you’re wondering how! If you’re thinking that deleting/formatting data from a storage device saves you from data leakage/theft, you’re among those who believe in such myths. Let’s address and analyze some common myths about data wiping and correct them.

Special Offer from Stellar Get exclusive offer on data erasure software and service, drop an email to help@stellarinfo.com

Myths about Data Wiping

Myth 1. Mere deletion of files sanitizes the device
Myth 2. Formatting the drive wipes the data permanently
Myth 3. Degaussing works for all devices
Myth 4. Physical destruction of storage media is always the best choice

Myth 1. Mere Deletion Permanently delete Data from Storage Device

When you delete files or other data from a storage device, only the references are removed but the data remains intact on the drive. Therefore, simply deleting your critical business data and disposing of the storage device exposes you to a risk of data breach/theft. You can easily recover deleted data by using a data recovery tool. It is better to use certified hard drive data eraser software such as BitRaser® Drive Eraser that can erase data beyond the scope of recovery from a drive.

Myth 2. Formatting Wipes Data Permanently from Hard Drive

Formatting is not a permanent data erasure solution. After formatting, you couldn’t access the data but it may still be present on the drive/device. Anyone who gets a hold of a formatted drive can use data recovery software to fetch the data and misuse it, thus putting your reputation and business at stake. According to a residual data study on second-hand devices by Stellar, 71% of devices contained personally identifiable information, personal data, and sensitive business data.

Myth 3. Degaussing Works for all Devices

Degaussing is a technique that works on magnetic storage devices that store data in the form of magnetic fields.

However, it can’t sanitize non-magnetic storage devices such as SSDs, which store data on semi-conductor chips, not on spinning platters. In the same way, it doesn’t work on optical media devices. Therefore, it is better to first understand the nature of storage media and apply the proper data wiping method, accordingly.

On the other hand, degaussing is not an effective method to sanitize flash memory-based storage devices and emerging magnetic storage media. According to NIST SP 800-88 Guideline, “Existing degaussers may not have sufficient force to degauss evolving magnetic storage media and should never be solely relied upon for flash memory-based storage devices or magnetic storage devices that contain non-volatile non-magnetic storage”. Therefore, it is better to use a data erasure tool, which supports NIST SP 800-88 and other international standards, for permanently wiping data from storage media.

Myth 4. Physical Destruction of Storage Media is Always the Best Choice

Physical destruction methods such as crushing, shredding, and disintegration are always considered the most effective for data sanitization.

However, it depends on the type of drive and the shredder or crusher used for destruction. For instance, the standard industrial shredders are effective for HDDs as they store data on spinning platters. But SSDs store data on semi-conductor chips, which may sometimes slip through from industrial shredders. There are chances that data can be recovered from these chips. You can choose an SSD dismantling service for destroying data from Solid State Drive.

On the other hand, shredding and other physical destruction methods are not feasible on company premises, due to logistical and financial constraints. The need to ship out storage drives to an outside shredding facility for sanitization may pose a threat of data leakage from the media while it is in transit.

Moreover, data sanitization by physical destruction of the device is costlier and leads to e-waste. Also, it can only be done by experts with the help of media destruction equipment such as grinders, crushers, shredders, etc.

Consult an Expert

If you’re not sure which data sanitization method to choose, or you want an expert to take the call, you can seek the help of Stellar’s Data Wiping Service. Stellar uses propriety tools and specialized equipment to sanitize confidential business data with utmost privacy and integrity.

Conclusion

Business data is crucial as businesses rely on it. Hence, you need to have an excellent data sanitization policy in place. It helps prevent data breaches while disposing of the storage device and keeps you away from piling up the unwanted storage devices due to non-disposal.

Data deletion or formatting of the storage device are NOT the data sanitization methods. A data recovery software can recover deleted or formatted data from the drive.

Therefore, you must have a proper action plan for data wiping. It depends upon the type of storage device, its working condition, and the sensitivity of data.