The importance of sanitizing and disposing of old data
Maintenance keeps the machine working, and in the world of IT infrastructure, part of that upkeep is data sanitization. Though, while the name might imply “cleaning” data, what it really means is the permanent removal of old information.
More than ever, the importance of data has never been higher. With such high frequencies of information exchanged over internet-facing devices, doubly so with remote environments, keeping data safe is critical. Sanitization is all about purging old info which still exists on retired devices, discs, hardware, and server units.
As you might guess, the removal of this data is called “sanitization.”
Example: We’re retiring our old laptops in exchange for new ones, so we need to sanitize them before their removal.
Despite its importance, not all businesses and organizations employ it.
Some might reformat or “reimage” a HDD or SSD. But in those cases, old data isn’t necessarily deleted. The OS is overwritten and FAT (file allocation table). That means the information is still part of the older hardware.
The importance and methods for data sanitization
For some organizations, data sanitation may seem unimportant. But with new data threats emerging every day, increased reliance on remote activity, and the numerous ways information is exchanged, the need to safely dispose of data is as critical as ever.
If your organization hasn’t done any kind of sanitation, now is a good time to consider it. Especially if your enterprise handles sensitive consumer information, or similar. How do you go about data sanitization, then? There are three primary methods, and each works differently for an organization or individual. The selected method, obviously, is determined by how they store and exchange data and the devices used for said exchange.
Before deciding on what sanitation method, take stock of the devices/hardware you’ve retired (or plan to).
How to data sanitize
In most cases, retired hardware is usually sold or donated, which is why sanitization is crucial. Think of this way: if you were selling off your old home PC, you wouldn’t want any of your old personal/sensitive info on it, would you?
As for sanitation, the three methods are destroying the actual device (or devices), total data erasure, and data masking.
Physical destruction of record media, as you can imagine, guarantees information is unusable. Old files may be shredded, for example. But with devices like laptops and computers, that’s a different method. Improper destruction of physical media is both hazardous for yourself and the environment. Proper physical destruction of said media usually requires industrial shredders or similar.
Magnetic fields (degaussers) also work, as they erase data when the hardware is exposed.
Data erasure is another method that replaces all information on a storage device with numeric “gibberish,” or random 1’s and 0’s. This method deletes and totally replaces all bytes of data, typically preferred by industry professionals and a reliable way to remove old data.
Over physical removal, it’s often the better option, since data removal can be verified while destruction of hardware is not necessary.
Other methods, like cryptographic erasure and data masking are implemented. It’s important to note that some standards of removal require specific methods for data and hardware disposal.
How you choose which sanitization method to use, again, depends on your intent for legacy hardware.