Who would want themselves to indulge into something like data theft or anything of that sort? Not you, right? As we have heard and learnt it from a very young age that we must dispose of the old data whether It be in any form no matter what, but we should always discard that data which has some confidential information in them. Not just the business- and work-related documents should be considered as confidential but if there is a single page that just has your name or address written on it that should also be considered as confidential because you do not want uninvited guests at your home, right?
Disposed data, whether it is on a paper or on any digital devices, leaves your environment secure and is no longer subject to any of your safeguards. All of your personal data is a gold mine for identity thieves. That is why we want businesses to securely dispose of customers data as well as personal data.
Let us see the forms of data and how can you properly dispose them off to avoid hassle in the future.
Physical Data
For all of your physical data that includes mostly paper in this case, it is quite obvious that all sensitive paperwork should be shredded.
There are many local shredders available in the market that you can buy and shred your little or less documents in your home with no difficulty at all, but when it comes to a lot of papers that you need to shred than this local shredder will not be able to do much for you. A more practical solution to this problem is to collect paperwork to shred in a secure bin that allows anyone to drop in papers but has all the to control people to have an access for removing papers from it. You need to make sure that this bin should itself be secured (e.g., with a cable lock) to the building. Occasionally, the bin is emptied by a collection service provided by a secure shredding vendor.
As mentioned if your shredding volume is not high enough to warrant a scheduled collection service, you or your staff may take the paperwork to a shredding facility. Many office supply stores offer shredding services.
Digital Data
As well as the physical data it is important to discard all the information that is no longer in use and still has your personal information stored that can be used against you in any way. For digital data, deleting a file does not remove it from the hard disk or other storage media but except in case of certain SSD drives on specific operating systems that claim to remove them permanently. It simply tells you about the extra storage are that can further store your files in it. There are a lot of free software tools that can be used to recover data that was previously deleted, even all those files as well that were written over with new files.
So, if you are about to buy a new computer or any other storage media and if you are disposing off an old computer, you have two options:
Data destruction services:
Many PC recycle services offer data destruction also known as disk shredding services, and they even give you a proper certificate that states that the disks or storage media you submitted have been destroyed in such a manner that does not allow recovering any data in any form and by any other app. But keep in mind that this service is not free.
If you are looking for the best data destruction services in Minnesota, you can reach out to RTIDatashield for all of your document and data destruction services.
Disk Wipe:
The second method that can be used is the disk wipe method. If your computer has not completely been useless and if the computer is still working, and if you are willing to spend some time for your safety, you can install a free disk wipe software such as DiskWipe, Eraser, or paid ones such as Active @ KillDisk and Shreddit.
You may then use these softwares to erase all data on the computer’s hard disk. These software programs follow standard processes to write dummy data on all of the disk space multiple times, to make your confidential data unreadable. This is a good option if you are re-purposing the PC for other uses.
Smartphones
All of yours phones may have confidential data even if you do not explicitly store data files on it, such as:
- Emails or text messages stored in your inbox or sent folders.
- Documents opened from a secure website or document portal, left open in your mobile device web browser.
- A picture taken at a client meeting with whiteboard notes.
- Voicemail left by a client containing sensitive information.
Whenever you are about to buy a new phone and disposing off the old one, do not simply give it away or drop it in a phone recycle bin hear me again, do not! Use a data destruction service. They will shred the device physically.
In the cases where the device is lost, you can use the remote wipe feature available on iPhone and Android that are available in their app stores. This assumes that you had set up the device correctly to begin with, as we covered in digital safeguards for devices.
Point to ponder
Remote wipe only happens when the device is turned on and connected to the network. If you had not setup device encryption, data can still be read by someone in possession of the device without turning it on or by preventing it from connecting to the network (e.g. by removing the SIM). Hence it is important to both encrypt the device and enable remote wipe, as described in digital safeguards for devices.
Cloud Accounts
You need to keep that in mind that if you ever stop using an online service, it is not enough to just log out and stop logging in again. The data from your past usage is still stored in your online account with that service provider and you do not want to let it mis used by anyone.
At the very least, you should retrieve all necessary data and close the account from the scratch. Closing an account typically does not delete it immediately. You may have to contact their support desk to find out when, if at all, closed accounts are deleted.
Some of the service providers keep the closed accounts for a long time, hoping their customers may return to re-activate the account. If that is the case, you may have to request deleting your data through their support channel directly. Different service providers may vary in terms of their data retention and disposal policies. So, the best approach would be to find out what is the best mitigation available and implement that.