Data Erasure Standards
The issue of what happens with the data that is stored on so many systems, machines and networks is a problematic one nowadays. This is an issue that can affect any of us without warning and, sometimes, without us actually realising that there has been a data breach security issue. In recent years there have, for example, been more and more instances where sensitive and confidential data has been found on official computers and laptops that have been ‘decommissioned’ from official use.
So, what does this mean for you? Well, if you think about the kind of personal and confidential data that is held on any of us at any given time by government bodies, financial institutions and official sites it is easy to see that this is not data that we would want to fall into the wrong hands. So, for example, if a government department decides to ‘decommission’ some computers and to resell them then they have a duty of care to delete the data that is held on these machines so that it cannot be retrieved by anybody else. This is usually done by some form of software package that overwrites, wipes or permanently deletes the data.
This kind of deletion process is generally dictated by a range of data erasure standards that tells companies and official bodies what their obligations are here. A bank, for example, may be penalised if it sells on a laptop that holds customer account numbers. There are many different standards set here by various bodies. So, for example, some data erasure standards will be set by government institutions and some by military departments.
Each body here may have differing criteria when it comes to data erasure. So, when it comes to choosing a data erasure software package you may well see a company in this field marketing its software by the official erasure standards that it supports - i.e. the ‘blurb’ may say that a software package conforms to US military erasure standards and so on.