Asset Recovery: The Case of Data Destruction and Certificates of Destruction
Technology is a forever evolving field, and now so more than ever. Thus, we find ourselves forced to do IT asset recovery every now and then as we seek to dispose, remarket or recycle old tech. Needless to say this is a challenge by itself, never mind when it gets down to the issue of data destruction – a pet peeve of many.
While upgrading company devices, corporate information is often left in the old systems posing a huge security threat. We are living in an age where hacking is an everyday affair and unless you’ve been living in a burrow, you’ll have heard one or two incidences of data breaches that have resulted from unauthorized access of company data by third parties, aka cyber criminals.
It is for this reason that data destruction should be at the vanguard when you’re doing IT asset disposition.
Age is but a Number
At times, companies find themselves stuck with equipment they retired ages ago. These are often a weak spot in terms of security, and particularly when it comes to media storage devices. Matters not if they are from seven years back. When it comes to confidential data, age is nothing but a number. That old data can land you in a position of regret should it happen to land in the wrong hands.
This is not the stuff of movies; these things do happen. And you would be wise to avoid being caught up in such a scenario.
When it comes to data destruction, don’t forget that deleting files or formatting the media device doesn’t mean you’re in the clear. This data can be recovered not much by a nifty hacker but by the average Joe lying in bed with a computer, and your media device.
And this is why we advise companies to destroy their data through secure means. If you’re not sure what to do, don’t hesitate to seek the services of a recovery solutions vendor you can trust. They normally practice professional data cleaning which can give you peace of mind by not worrying about any loose ends.
Speaking of which…
Certificate of Destruction
There seems to be a certain misconception that the certificate of data destruction is law when it comes to data sanitization.
Many data destruction companies furnish their clients with these certificates as a way of proving the quality and legitimacy of their services. The truth is though, this is easy to forge and will not carry a lot of weight in the event you find yourself on the wrong side of the law.
Point is, printed data destruction certificates are not a security guarantee that the data was effectively destroyed; nor does it offer a measurable way of validating that claim 100 percent. If the asset recovery company is in a position to offer a digital certificate, that would be better. And digital here doesn’t mean a soft copy version of the printed paper. Rather, it’s a digital certificate generated by the software following completion of an intensive data cleaning process.
And by the way, failure to dispose of data effectively could be against the law in cases where customer information is at risk. If, for example, you fail to destroy data properly and a data breach occurs that lands you in court, you could find yourself paying tens of thousands of dollars for failing to adhere to HIPAA regulations which demand for proper destruction of data. This, despite the fact that the data cleaning company had issued you a certificate.
At times, there is no need to take risks especially when dealing with a large pool of excess inventory that cannot be handled in-house effectively. Do your research well before settling for a company that can guarantee you proper data destruction by more ways than just the name and a piece of paper.