PoPI Act Compliance Electronic Data Destruction through Degaussing & Physical Destruction of Data & Information Storage Devices
We offer on-site Electronic Data Destruction services to ensure no retention of residual data or information stored on Hard Drives, Compact Discs, Removable Hard Drives & Flash Drives.
Why Comply to Data Destruction?
The modern storage environment is rapidly evolving. Data may pass through multiple organizations, systems, and storage media in its lifetime. The pervasive nature of data propagation is only increasing as the Internet and data storage systems move towards a distributed cloud-based architecture. As a result, more parties than ever are responsible for effectively sanitizing media and the potential is substantial for sensitive data to be collected and
retained on the media.
This responsibility is not limited to those organizations that are the originators or final resting places of sensitive data, but also intermediaries who transiently store or process the information along the way. The efficient and effective management of information from inception through disposition is the responsibility of all those who have handled the data.
The application of sophisticated access controls and encryption help reduce the likelihood that an attacker can gain direct access to sensitive information. As a result, parties attempting to obtain sensitive information may seek to focus their efforts on alternative access means such as retrieving residual data on media that has left an organization without sufficient sanitization effort having been applied. Consequently, the application of effective sanitization techniques and tracking of storage media are critical aspects of ensuring that sensitive data is effectively
protected by an organization against unauthorized disclosure.
Protection of Personal Information is paramount. That information may be on paper, optical, electronic or magnetic media.
An organization may choose to dispose of media by charitable donation, internal or external transfer, or by recycling it in accordance with applicable laws and regulations if the media is obsolete or no longer usable. Even internal transfers require increased scrutiny, as legal and ethical obligations make it more important than ever to protect data such as Personally Identifiable Information (PII).
No matter what the final intended destination of the media is, it is important that the organization ensure that no easily re-constructible residual representation of the data is stored on the media after it has left the control of the organization or is no longer going to be protected at the confidentiality categorization of the data stored on the media.
Sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort.
What is Data Destruction?
Data destruction is the process of destroying data stored on tapes, hard disks and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorized purposes.
When data is deleted, it is no longer readily accessible by the operating system or application that created it. But deleting a file is not enough; data destruction software must be used to overwrite the available space/blocks with random data until it is considered irretrievable.
Data can also be destroyed through degaussing, which destroys data on magnetic storage tapes and disk drives by changing the magnetic field. One caveat with this method is that the person who wishes to destroy data will need to know the exact strength of degaussing needed for each tape type and drive. Storage media can also be destroyed by using a mechanical device called a shredder to physically mangle tape, optical media and hard disk drives.