Sometimes having the best antivirus to remove malware and viruses is not enough, and you may want to actually delete sensitive data from your database, but did you know that data deletion is not enough?
No? Well, if you tried a simple data deletion, be aware that the information you tried to destroy once for all for your security is still recoverable.
The only secure way to get rid of your business data is data erasure, so it’s important that you understand what erasing data really means, and how to do that.
We asked this and more to Fredrik Forslund, Vice President – International at Blancco, the industry standard in data erasure and mobile lifecycle solutions.
Can you please present Blancco to our audience? What’s your story and how have you evolved up to now?
Blancco provides organizations with best-in-class data erasure and mobile lifecycle solutions. This enables tens of millions of organizations, each year, to protect end-of-life data against unauthorised access, safely redeploy data storage assets, and firmly comply with increased data protection and privacy requirements.
Over the years, Blancco has evolved to become a key enabler of the IT circular economy. We promote the efficient use of resources and the incorporation of sustainable, environmentally friendly practices across our customers’ complex IT asset portfolios.
Critically, our suite of products enables enterprises to adopt sustainable data erasure as an alternative to physically destroying an IT asset to protect data. This is fundamental in readying devices for reuse or resale via the secondary device market, and supports the creation of jobs in the refurbishment of IT equipment.
Blancco is also deeply involved in several non-profit initiatives, securely erasing data on donated devices in a bid to improve digital inclusion and IT skills development.
Blancco currently has 40+ patented or patent-pending ideas and continues to grow the number of innovative solutions global companies can rely on to accelerate IT operations, secure their data, and grow their businesses.
What services and products do you offer?
Blancco has a long heritage in providing public and private sector enterprises with best-in-class data erasure and mobile lifecycle solutions. Our software-based erasure products are the most certified data erasure solutions on the market, irreversibly removing data from a device when that data or asset has reached the end of its lifecycle.
Our product suite has enterprises covered across a multitude of environments and underlying technologies. We offer: Hard Disk Drive (HDD) and Solid State Drive (SSD) erasure, erasure for all types of cloud environments, file erasure, removable media erasure, hardware solutions, a management console for reporting.
We also offer front and back of house processing for mobile organizations which includes, mobile erasure, mobile buy-back and trade-in solutions, as well as a mobile insurance product to maximize customer lifetime value.
Fundamentally, we enable organizations to better manage data by providing solutions to remove redundant, obsolete, or trivial information. Importantly, Blancco products mitigate the need for physical destruction which helps our customers to meet their sustainability goals during a worldwide call for greater environmental stewardship.
What is the difference between data deletion and data erasure?
While data deletion removes the data from immediate access, it is not a secure method of irreversibly removing the data from the device it is stored on or funnelled through. Using forensics tools, which are readily available online, bad actors can retrieve data from a device, even after it has been deleted. This is a high-risk situation that can leave an organisation vulnerable to a potential data breach.
Data erasure on the other hand, when done correctly using a certified erasure solution, will permanently remove the data. This process also provides organizations with a certified audit trail from conception of the data through to end-of-life. This ensures the data cannot be retrieved from any devices or systems it has passed through.
Can you suggest the best Ways Organizations Can Improve their Data Security before erasing their data?
Data classification and data management are key concepts organizations need to consider when thinking about improving data security. Today, data security very much comes down to understanding what data you have, where it sits and who has access to it. Once that is in place, an organization is a lot further towards achieving better control over the data in its possession. By classifying the data stored, organizations can ensure an added level of security by only granting access to authorised personnel to add, view, modify, or securely erase sensitive information. Organizations can also double down on the policy to only allow higher ranking employees access to more sensitive and confidential data. Thus, minimising unwarranted exposure and risk. Classifying data complements the management process, making it easier to identify data that is now irrelevant to the organization and can be safely erased.
And what else can be done to avoid insider threat incidents?
Insider threats are more common than we think. One of the most general occurrences is the chain of custody risk where someone might be given an opportunity to simply bring home/steal a hard drive or even maybe a whole computer. We see this happen often with poorly managed assets during the decommissioning processes. To avoid this, organizations should ensure there is a stringent process in place to immediately and automatically erase the data from assets before it is decommissioned. This will curtail possibilities of misdemeanors by the chain of custody and remove the risk of data being stolen or lost along with the devices.
How do you see the cybersecurity field evolve in the next few years?
Looking at industry analytics we will continue to see significant increases in IT security investments and related budgets. The cost of a data breach gets higher each year and the legal requirements become more stringent. We will see good security and data management increasingly becoming a competitive edge for successful companies.
We will also see increased understanding of the relationship between cybersecurity, ESG and sustainability initiatives to help promote the IT circular economy. Investors want organizations to demonstrate what they are doing to meet their ESG goals. Employing data erasure to sustainably manage IT assets and extend device lifecycles will also act as a competitive advantage for environmentally conscious organizations.
Lastly, how’s the future look like for Blancco?
The last few years have seen companies being more conscientious with end-of-life assets. This comes as awareness around circular IT, which is enabled by being able to erase data, increases. We believe we’ll continue to see a strong growth in the market for data sanitisation through certified erasure rather than physical destruction, in a bid to improve engagement with the circular economy.
We’re also seeing a clear trend where organizations are proactively acting on reducing their data footprint by targeting/ erasing data that is beyond retention. This not only improves an organizations data security but also allows for newer data to be retained without increasing the organization’s existing storage space. This trend will include Blancco’s solutions and challenge us to be even more integrated into different systems and processes running on top of the actual storage platforms or assets. This is a very exciting development.