Data Security in an Unsecure World

June 25, 2019 at 3:18 pm by Paul Falcone

As the world continues to move further into the digital era, data security has been an ever-growing concern. Cybercrime continues to climb as digital data becomes more and more prevalent. In light of these facts, data security has become a critical focus for individuals and companies alike.

Why Data Security Matters

In our constantly evolving world, data security becomes more critical by the day. As it currently stands, nearly all personally identifiable information (PII) and other sensitive information is digital. In a world where a data breach could lead to widespread identity theft and access to other critical information — from military secrets and classified information to bank accounts and medical records — data security is quickly becoming a key issue for every type of organization. There are numerous best practices for improving cybersecurity, most of which involve digital safeguards; however, it is also critical that end-of-life drives be physically destroyed.

Digital Data Security

Securing data digitally is one of the most critical steps in protecting information, and there are a few methods that can be used to protect data digitally. The first method is encryption. Encryption essentially morphs your data into code that can only be read via an encryption key, or in the case of digital data, certain machines and users. Encrypted data will show up scrambled and unreadable to anyone who attempts to access it without the proper encryption key.

Another method to protect data is called data masking, which is the process of hiding the original data from a file with modified data that looks real. Data masking is useful because it protects personal information from anyone who happens to find their way into a personal file. Furthermore, data masking helps in case of theft, as the thieves would have no way of telling which parts of the data are true and which are false.

A simple method of data security is authentication, or simply put, the usage of passwords and logins to allow access to certain files. Authentication is important because it allows access to the data from those who need it, whilst locking out those that would use it for nefarious means. Authentication has problems in the form of a hacked account allowing access to the data, but thanks to two-factor authentication, hacking into an account now requires access to the account holder’s phone and/or email. Two-factor authentication essentially requires a login and password to be supported by a code sent to either an email or phone number.

An interesting method of data security is one that doesn’t protect the data, but rather makes sure that the data still exists should it be hijacked. Data backups are vital to the world of data security because they save the data should something happen to the original source. Should the hardware fail or the data be hit by a virus or hacker, the backup will restore the data. Data backups even help with unexpected physical destruction, as in case of a fire.

A fifth method is data erasure, which is exactly what it sounds like. Data erasure is the deletion of data from a drive that goes beyond the general deletion used in day-to-day life. Elimination of data from drives is vital because of the threat the drives pose at end-of-life. Wiping the data is an effective way of eliminating the data on the dead drives when done with a degausser, such as SEM’s EMP-1000HS. That being said, wiping the data is not the only step that needs to be taken for maximum security at a drive’s end-of-life.

Physical Destruction

In order to properly protect data, end-of-life drives must be disposed of properly. It is fairly simple to recover data from dead drives, and with the expansion of the cloud, old drives pose an even larger threat. The safest way to destroy dead drives is to physically destroy and dispose of them on-site, so the data never leaves the premises or falls into the hands of someone outside of the company. The best way to destroy end-of-life drives is to use a data destruction device to physically crush, shred, or disintegrate the drive in question. If a company or organization fails to properly destroy data at end-of-life, the potential for a large data breach increases exponentially, as does the liability associated with such a catastrophe.

Data security measures must be thorough and constantly evaluated in order to ensure data privacy and integrity. While the methods set into place now are effective, including digital safeguards and physical destruction at end-of-life, we must practice constant vigilance as technology continues to improve, lest cybercriminals gain the upper hand in the battle for data.