What happens to your devices when you are through with them? Do you put them in a closet and call it a day? When it comes to the expiration date of your hardware there are a few thing that need done to ensure that your data is safe after you are done with it. Even after you hit the delete key, there are methods and tools available to recover data from your system even though it was deleted. So what does it mean for you as an IT admin? It means that you need to securely wipe your devices of all old data.
Just like a lot of things in the IT industry, there is more than one way to skin a cat. The first option is a full format of a hard drive. This will overwrite the drive to being blank and will make it much harder to recover data. Still that data exists on the drive if someone were very motivated to get the data. After it has been wiped, one option here would be to overwrite the data with new dummy data. For most consumer tools, this basically guarantees that the most basic of tools will be unable to recover the data. I’ll jump ahead at this point to the wiping standards of the military. The tools used for this, such as the dukes boot and nuke live CD, make many passes over the entire hard drive to the point that it becomes nearly impossible to recover the data. I say nearly impossible because without physically destroying it, there is a one in a gazillion chance that one sector may be recoverable.
The flip side of this whole situation is the retention of the data. When it comes to how log you are to hold the data it boils down to company or industry standards. For some companies they will only require that seven days of backup data be held while others such as monetary institutions will require the data to be held for years. While this does touch into the realm of backups a bit more than security, the security aspect of the requirements must be addressed. It is not enough to simply install a server somewhere, encrypted the transmission via SSL, and then call your backups good. Take for example a remote datacenter that shuts down. They let you pull your data off and then shut everything off. All that hardware gets re-sold to salvage companies and the hard drives are scanned by curious people who are able to recover your secret files. That data held in the long term retention must be encrypted the same or higher level than your local data because you may not have physical access to it.
One consideration here is that you may not be able to remotely wipe the data without the physical access. That remote storage is way out of your control so it may be worth an investment in remote wiping capability. In this area there are a lot of options from failed access attempts triggering a data wipe to a timeout wipe. In the first scenario, the remote server is setup to automatically wipe the data with a certain number of failed login attempts (similar to cell phones these days). The other option is a data wipe that happens after a certain amount of time. It tries to heartbeat with a certain user or group and if it doesn’t hear anything after awhile, it will automatically the data.
2 comments:
The topic is so attractive and loves to read it, IT technologies use for all the mode of life including some SEO Companies Karachi, Thank you so much.
To create a successful website, in addition to high-quality content, good SEO strategies are equally vital. SEO works for your website as seasoning works for your food, and 247 Developers provide the finest SEO services to help you reach the high ranks on a search engine. Working on Google guidelines, we develop result-oriented SEO campaigns for our clients including complete on-page and off-page optimization. That is how 247 Developers provide the Best SEO Services in Pakistan.
Post a Comment