If data is a company’s lifeblood, the number of predators waiting to feed on that data is staggering. Hundreds of millions of records have been verified as lost to data breaches, according to privacyrights.org, based on voluntary disclosure information. The actual number may well be into the billions. While estimates vary, it is difficult to confirm the exact number. The fact is, many penetrations are never publicly disclosed. In many of the larger security breaches, while record access has been confirmed, the full extent of compromise is often unknown.
Recent major data intrusions have targeted major companies, such as Home Depot, Target, Staples and Sony. Any entity which keeps records can be a target, small businesses, major financial firms and government agencies have all fallen victim to security breaches.
Fortifying Data
Every company knows that the internet is full of fly-by-night predators of the worst kind. They take measures and fortify defenses. IT security is a priority for most companies. They erect firewalls, analyze traffic logs, and skilled system administrators constantly monitor data flow. Competent professionals understand and also implement these measures, with the care of a king overseeing the construction of a castle.
However, even the most hardened data fortress has the same weaknesses of a medieval castle. The hardest security wall, with the most vigilant of sentries, can be breached if an access point is left wide open for intruders.
Protecting Your Assets
In the modern world, data troves are a company’s treasure. A loss of data may involve the loss of company secrets, financial records, privileged correspondence, client lists and payroll data. In addition to hard data, a leak can cause loss of hard earned branding power, trust, and clients.
A study by the Ponemon institute, entitled “2014 Cost of Data Breach Study: United States”, placed the average data breach at $201 per record. Take, for example, a spreadsheet or database listing with 10,000 customers. Damage control in this circumstance would typically set a company’s bottom line back by over two million dollars.
Physical Security
Many companies often overlook basic physical security. While all eyes are on the internet, data frequently slips right out the front door of the building. Each year hundreds of organizations, many with excellent online security, forget the fundamentals of protection. 23% of reported data breaches involved lost, stolen, or discarded storage devices in the last five years. Hard drives, in particular, are potent information centers.
After investing heavily in internet security measures, a surprising number of organizations make a critical mistake. They literally send old computers and storage systems out with the trash. Typically, obsolete computers, are electronically sanitized and donated or disposed of. Applying this strategy is an invitation to get pillaged.
Is Wiping the Drive Secure Enough?
The National Association for Information Destruction (NAID), in Australia, decided to investigate this question. They collected the discarded drives from individuals, companies, and also government agencies. Their results corresponded to results obtained in previous studies of this nature.
Of the examined drives, 90 percent had undergone some level of sanitization, including data overwrites and partition removal. Despite this, a significant amount of information was recoverable. Extracted records included: client lists, credit applications, confidential information, word and excel documents, medical correspondence, email boxes, personal files, and other key data. Had any malicious party examined these drives rather than a researcher, the amount of damage would have been considerable.
The bottom line is that electronically sanitizing data has significant hazards.
Physical Destruction
The risk analysis is clear. The only effective solution is complete hard drive destruction. An organization simply cannot afford to have vital information fall into the wrong hands. The loss of an information loaded drive can cause significant financial as well as reputation damage. The only safe solution is to completely destroy the drive, thus rendering it completely inaccessible.
Practical Solutions
Phiston Technologies provides a wide range of practical solutions for physical data security. We provide both secure off-site services as well as directly supplying equipment for in-house data destruction.
These include the MediaVise, MediaDice, and V-Spike systems. These products can demolish data storage devices to NSA specifications. The machines are easy to operate and are also brutally efficient. Each model has unique features designed to handle specific needs. Specific systems are for not only hard drives, but also solid state drives, cell phones, circuit boards and other electronics.
Contact us to find out which of our technologies best fits your company’s security needs.
