Ë
By Security Features • October 28, 2021

Data Security In An Unsecure World

As the world moves further into the digital era, data security has been an ever-growing concern. Cybercrime continues to climb as digital data becomes more and more prevalent. In light of these facts, data security has become a critical focus for individuals and companies alike.

Why Data Security Matters

In our constantly evolving world, data security becomes more critical by the day. As it currently stands, nearly all personally identifiable information (PII) and other sensitive information are digital. Data security is quickly becoming a vital issue for every type of organization in a world where a data breach could lead to widespread identity theft and access to other critical information – from military secrets and classified information to bank accounts and medical records. There are numerous best practices for improving cybersecurity, most of which involve digital safeguards. However, it is also critical that end-of-life drives be physically destroyed.

Digital Data Security

Securing data digitally is one of the most critical steps in protecting information, and there are a few methods that can be used to protect data digitally. The first method is encryption. Encryption essentially morphs your data into code that can only be read via an encryption key or by specific machines and users in the case of digital data. As a result, encrypted data will appear scrambled and unreadable to anyone who attempts to access it without the proper encryption key.

Another method to protect data is called data masking, which is the process of hiding the original data from a file with modified data that looks real. Data masking is useful because it protects personal information from anyone who finds their way into a personal file. Furthermore, data masking helps in case of theft, as the thieves would have no way of telling which parts of the data are true and which are false.

A simple data security method is authentication, or simply put, the usage of passwords and logins to allow access to certain files. Authentication is essential because it provides access to the data from those who need it while locking out those who use it for nefarious means. Unfortunately, authentication has problems in the form of a hacked account allowing access to the data. Still, thanks to two-factor authentication, hacking into an account now requires access to the account holder’s phone and/or email. Two-factor authentication essentially requires a login and password to be supported by a code sent to either an email or phone number.

An interesting data security method does not protect the data but instead makes sure that the data still exists should it be hijacked. Data backups are vital to data security because they save the data should something happen to the original source. For example, the backup will restore the data if the hardware fails or a virus or hacker hits the data. Data backups even help with unexpected physical destruction, as in the case of a fire.

A fifth method is data erasure, which is exactly what it sounds like. Data erasure is the deletion of data from a drive beyond the general deletion used in day-to-day life. Elimination of data from drives is vital because of the threat the drives pose at end-of-life. Wiping the data effectively eliminates the data on the dead drives when done with a degausser, such as SEM’s EMP-1000HS. That being said, wiping the data is not the only step that needs to be taken for maximum security at a drive’s end-of-life.

Physical Destruction

In order to adequately protect data, end-of-life drives must be disposed of properly. It is relatively simple to recover data from dead drives, and with the expansion of the cloud, old drives pose an even more significant threat. The safest way to destroy dead drives is to physically destroy and dispose of them on-site, so the data never leaves the premises or falls into the hands of someone outside of the company. The best way to destroy end-of-life drives is to use a data destruction device to physically crush, shred or disintegrate the drive in question. Suppose a company or organization fails to destroy end-of-life data properly. In that case, the potential for a significant data breach increases exponentially, as does the liability associated with such a catastrophe.

Data security measures must be thorough and constantly evaluated in order to ensure data privacy and integrity. While the methods set into place now are effective, including digital safeguards and physical destruction at the end-of-life, we must practice constant vigilance as technology continues to improve, lest cybercriminals gain the upper hand in the battle for data. 


The original post "Data Security in an Unsecured World" was written by  Paul Falcone, and posted on InfoSecurity Magazine.