What is Data Sanitization?
Data sanitization involves the intentional, permanent deletion or destruction of data from a storage device, to ensure that it cannot be recovered in any way.
Usually, when data is deleted from storage media, the media is not really erased and can be recovered by an attacker who manages to gain access to the device. Obviously, this raises serious concerns about the security and privacy of companies’ data.
With data sanitization, the storage media is cleaned so that there is no data remaining on the device and no data can be recovered, even with advanced forensic tools.
The Need for Data Sanitization
The Italian Data Protection Authority, following investigations carried out by the Guardia di Finanza’s Special Unit for Privacy and Technological Fraud, has recently sanctioned several Italian companies for violating data protection legislation.
An episode like the one that happened to the chain of perfumeries Douglas (Douglas case) represents a further confirmation of the increasingly urgent need for all companies to integrate the adoption of Data Sanitization techniques into their data lifecycle management and treatment processes. Such solutions allow the definitive and non-reversible erasure of data for which the requirements for the processing need no longer exist.
Companies often once they have acquired user data, do not bother to ask for any consent to the processing for their activities after a long time. When a company’s IT resources reach the end of their useful life, they need to be disinfected to ensure that sensitive data stored on the equipment is truly erased before it is deleted or reused.
Software must be disinfected even if it is disposed of. When a company sells, donates, or disposes of equipment that contains storage, IT and security teams need to ensure they have a reliable data sanitization strategy. Otherwise, they are not only giving away the device, but along with it, they may be exposing sensitive business data.
The solution of arimas
arimas can provide Data Sanitization solutions able to protect against any kind of dispute: delete the data and certify the cancellation to prove to customers and institutions that they have fully complied with their obligations regarding privacy.
Contact us for more information.