Do you have contingency plans to protect data?
Data must be erased using one of the three methods in order to be compliant with the Protection of Personal Information Act 2013 (PoPI) and to meet the strict security standards for monitoring, control and alignment with most organisational policies, warned Xperien.
Xperien CEO, Wale Arewa, said organisations must always demand certification and documentary proof of due diligence in the execution of data destruction. This will also ensure that a company’s intellectual property does not fall into the wrong hands.?
Companies handling their own data destruction cannot be assured that their company data is secure. Using inexperienced staff to handle data destruction may seem like a sound policy but it’s not, there is always potential for human error.
Arewa pointed to cost savings as the most probable reason for internal data destruction. This decision could be costly in the long run if their data security is breached. Like any professional service, when it comes to data management and destruction, it is advisable to use a vetted certified data disposition company.?
The most environmentally compliant method is advanced digital data elimination. It allows the hard disk drive to be reused and Xperien's software solutions also provide reliable audit trails. Physical shredding of the hard disk drive crushes and mangles it into tiny 25mm pieces, eliminating all the data and rendering the hard drive unusable.
Degaussing is a process that uses a magnetic charge to eliminate data. It also destroys other components of the hard disk drive, ensuring double protection.
"More importantly, one must vet and verify the company you contract with for data destruction in the process and systems they use to destroy data. Are they certified? How often are they audited and by whom? Do they have quality controls in place to measure effectiveness of their data destruction program and process," Arewa concluded.