Every time we accidentally trash a file, it feels like magic when the IT staff can recover it for us in just a few moments. But, as a business owner it’s important to remember that there’s no magic in your IT infrastructure. Data is designed not to go away.
There are multiple systems built to keep information, even when hidden or deleted, alive on your hardware and even in some software. A quick Google search will show hundreds of data recovery tools designed to work with everything from your home PC to your friendly neighborhood server farm.
For today’s cloud systems, that means you’ve got a few extra things to consider.
Cloud Erasure Must Include Physical Servers
The majority of most business is done through cloud services and accounts that hold the reports, files, photos, and other things we need. When you’re done with a service or have ended a project, you might think you only need to delete your account to remove all of the information you were using and storing.
All of your data is still stored on physical servers associated with that cloud service. Deleting your account doesn’t automatically mean you delete the data from the server. Usually, you’re just deleting something that points to your data.
Think of it as removing the numbers from your home. Your house is still there, even though no one on the outside can be 100% certain they have the right address. But, if someone looks hard enough, they’ll still be able to find you inside.
Whenever you’re done with a cloud service or even just storage on a server, get verification that your information is completely gone. We’ve seen cases where virtual storage was used in project A, cleaned, and then used by in project B. If project B were to run a complete recovery on the space where the data was stored, they could potentially recover project A data if the cloud provider hadn’t properly cleared it.
Physical destruction is part of a smart data protection paradigm, and often that includes your servers and hard drives as well as the devices that access them.
What If You’re A Cloud Provider?
At Securis, we want to help promote a culture of complete security when it comes to data and hard drive destruction. For cloud service providers, that means you need to guarantee an extra step and ensure your customers do the same.
Start with a complete destruction of your servers and hardware, and then destroy whatever devices you have that could access these systems and may have latent information. However, destroying a device doesn’t mean you’re done. You need to erase what’s on the cloud and on devices, plus answer customer questions.
Your job is to deliver proof that the data is gone from your infrastructure. It’s always best to remove what you can off of Web and intranet portals, then follow up with physical destruction.
Securis can offer on-site and off-site data destruction services, which is a core part of any data cleanup. We can remove the IT assets you have and ensure that data from these is no longer available, but we recommend you work with any cloud partners to know where else data may be stored.
Together, we’ll keep your data safe and help you build stronger data protection policies.
