Claiming to be the most trusted name in junk removal, 1-800-GOT-JUNK? provides full-service junk removal. With over $250 million in revenue, there's a lot of money to be made in junk removal. Tens of millions of attics are filled with useless and obsolete items that will likely never see the light of day. Which creates the need for junk removal firms.
When it comes to IT, there are terabytes upon terabytes of data that have junk status. But while one can simply get rid of their physical junk by finding the lowest bidder, effective electronic data disposal and destruction requires a much more pragmatic and centralized approach.
It's that topic - Effectively Implementing and Managing Electronic Data Disposal and Destruction – which I will be presenting on at InfoSec World 2018.
It's quite easy to lose sight of just how much data are around. With basic smartphones now having 32GB of data capacity, huge data stores exist. In fact, one can buy a 512GB USB stick for under $300. Buy 30 of those and you are able to store all of the data in the Library of Congress.
Enterprises wanting to get rid of their data, be it on hard drives, USB, floppy, take, CD-ROM, and myriad other media types must have a defined data destruction strategy. Lack of a formal data destruction strategy puts firms at financial, reputation, and data security risk.
While Murphy's Law seems to kick in just when you deleted that important file - the reality is that ensuring that data are completely and permanently deleted is not a trivial endeavor.
While data destruction is not rocket science, firms need to ensure their data destruction programs are legal and regulatory compliant, and that they are employing effective data destruction methods that can stand up to an external auditor or regulator.
"While one can simply get rid of their physical junk by finding the lowest bidder, effective electronic data disposal and destruction requires a much more pragmatic and centralized approach." -@benrothke #InfoSecInsider #infosec Click to Tweet
While scores of different media types exist, there is no one-size-fits-all when it comes to data destruction. For example, a compact flash drive, electronically erasable PROM (EEPROM), and solid-state storage (SSS) have different data elimination practices for each type of data storage asset. If a firm isn't clear on which method to use, they could be placing themselves at risk.
Once firms add up all of the storage media they have, they'll see they are awash in information that is both sensitive and confidential. While it may take 30 USB sticks to store all of the data in the Library of Congress, all of your corporate data may be able to be contained on a single stick. If that stick is lost, and it has regulated data on it, it's an invitation to a class-action lawsuit and a visit from a regulator.
Every organization has data that need to be destroyed. Every organization has countless data stores. Your organization has a large volume of electronic data occupying space which may be a as liability, both from a legal and information security perspective.
Effective document destruction practices prevent information from falling into the wrong hands and effective data destruction processes today is part of any good set of information security processes.
If an organization isn't careful about what they don't dispose of, it could become their competitors' good fortune and the firm's worst corporate nightmare.
Ben will present his talk entitled, Effectively Implementing and Managing Electronic Data Disposal and Destruction on Wednesday, March 21st at 10:30 AM InfoSec World 2018 in Orlando, Florida.