What is Data Sanitization?

By Marcus Ho

November 3, 2021

According to the Personal Data Protection Commission (PDPC), data breaches are on the rise in the country. Singapore is a trendsetter in digital technology and businesses leverage the latest systems for data collection and analysis. But what happens to data you no longer need, or that’s in devices at the end of their lives? 

Data sanitisation is an important step to prevent hackers from retrieving your data.

Data sanitization comes in at the last stage of information lifecycle management. It is the process of permanently destroying data in storage devices and making it irretrievable. Whatever your industry, data sanitization is essential to protect your organisation.

The most effective data sanitisation processes are cryptographic erasure using public-key cryptography, physical destruction, and data erasure. These data destruction methods meet stringent guidelines set in local and international data privacy laws. 

Read on to find out more about data sanitization terminology, methods, information lifecycle management (ILM) and much more.

What Methods Do Not Achieve Data Sanitization?

Many businesses now use the latest data storage devices and systems. With the prominence of data in decision making, organisations leverage cutting-edge data tools to analyse collected data. The way you handle the data and data storage devices determines how secure the information is. Any flaws in your data management processes can lead to data loss. When your company’s data falls into the wrong hands, you become more vulnerable to attacks, financial losses, and legal trouble.

One way to guarantee complete safety of data is through data sanitization. This guarantees any storage hardware that might be disposed of doesn’t contain important data. The following are some ineffective data sanitization methods your organisation might be deploying:

  • Laptop, computer or smartphone factory reset
  • Data destruction with no verification process 
  • Physical shredding of files
  • Simple device data deletion
  • Data reformatting
  • Data wiping

Many organisations fall prey to hackers and other malicious elements because of poor data sanitization processes. Using any of these techniques might temporarily remove data from your files and folders. However, a data expert can still retrieve the data. The illegal access to such data can cause exposure of your company’s trade secrets, clients’ data, and other sensitive information. Hackers can also use the data to blackmail you for monetary gain.

Data Sanitisation Terminology

Data security is an evolving field with a lot of emerging terms. With the critical role that data plays in your business, it’s imperative to understand new terms in information lifecycle management. In relation to data sanitization, here’s some important terminology:

  • Data lifecycle management (DLM): The stages data goes through from creation to destruction. DLM involves general attributes of files such as type, size and age. Every stage in the life cycle is guided by policies for enhanced compliance, data security, and resiliency
  • Data Security Lifecycle (DSL): Focuses on data security throughout the data’s lifecycle. The lifecycle starts with data creation and ends with data destruction. At each stage of DSL, different security controls/structures are in place, including rights control, monitoring, backup, preventive controls, encryption, asset management, and data sanitization at the end of the life cycle
  • Data Erasure: A data destruction technique that uses software to write random 0s and 1s on every sector of a storage device. Overwriting renders the data in the storage device unrecoverable. This is the most effective method to sanitise solid-state drives (SSDs)
  • Cryptographic Erasure (Crypto Erase): The use of public-key cryptography to encrypt all the data on the device, followed by erasing the key used to decrypt the data. This makes data recovery impossible
  • Degaussing: A method of physical data destruction that uses the powerful magnetic field of a degausser. Data exposed to the magnetic field becomes unrecoverable, but the procedure also affects the storage device
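
To make the contrast between simple deletion and verified data erasure concrete, here is an added example (not code from the original article or from SPW). It assumes a constructed 64-sector image file standing in for a storage device, a toy one-entry file table, and a constructed sample record; all function names are hypothetical.

```python
import hashlib
import os
import tempfile

SECTOR = 512  # bytes per sector in the constructed image (assumption)

def make_image(path, sectors=64):
    """Build a constructed 'device' image holding one file; return table and record."""
    secret = b"CUSTOMER-RECORD:constructed-sample-data"
    with open(path, "wb") as dev:
        dev.write(b"\x00" * SECTOR * sectors)
        dev.seek(5 * SECTOR)
        dev.write(secret)
    return {"clients.csv": 5}, secret

def residual(path, needle):
    """Recovery-style check: is the byte pattern still present anywhere on the image?"""
    with open(path, "rb") as dev:
        return needle in dev.read()

def erase(path):
    """Overwrite every sector with random bytes; return a digest of each block written."""
    digests = []
    with open(path, "r+b") as dev:
        for _ in range(os.path.getsize(path) // SECTOR):
            block = os.urandom(SECTOR)
            dev.write(block)
            digests.append(hashlib.sha256(block).digest())
        dev.flush()
        os.fsync(dev.fileno())  # push the overwrite out of OS buffers
    return digests

def verify(path, digests):
    """Verification pass: read every sector back, list those that differ from what was written."""
    with open(path, "rb") as dev:
        return [i for i, want in enumerate(digests)
                if hashlib.sha256(dev.read(SECTOR)).digest() != want]

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "device.img")
        table, secret = make_image(path)
        del table["clients.csv"]  # simple deletion: only the table entry goes
        after_delete = residual(path, secret)
        failed = verify(path, erase(path))
        return table, after_delete, residual(path, secret), failed

if __name__ == "__main__":
    print(demo())
```
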
Hackers can easily access your data using readily available forensic tools.

Information Lifecycle Management is the structured management of the flow of data in an information system, from the point of data creation and initial storage to the moment it’s no longer needed and must be destroyed. The stages in the management of data are:

  • Data creation: Point of data generation, alteration or update
  • Storage: Storage of data generated in a storage device such as a laptop, smartphone, computer server or in the cloud
  • Data usage: Retrieval of data from the storage system for some use
  • Sharing: Process where you make data accessible to others 
  • Archiving: When data is not in active use, archiving moves it to long-term storage where you can retrieve it later
  • Data Destruction: This is where data sanitization comes in to permanently delete data in storage devices through physical or digital means
  • Data Hygiene: A clean-up or management of data to ensure proper classification of duplicated, unused or incorrect data. Best data hygiene practices ensure your organisation can track the whereabouts of data throughout the lifecycle

Differentiating Between Information Lifecycle Management and Data Lifecycle Management

For the best data destruction practices, you need to differentiate between information lifecycle management and data lifecycle management. To illustrate the difference, consider a company where the policy is to delete all emails over 3 MB after 30 days. This is an example of data lifecycle management. There’s no consideration of the email contents or information.

On the other hand, information lifecycle management goes beyond general attributes such as size, age or type of file. In the case of the example above, the company policy considers the email content. The ILM technology used manages emails based on informational content of the data.

Another distinguishing factor between ILM and DLM is in the application. While data lifecycle management only describes data management, information lifecycle management can be used to describe both digital and physical information.

Stages of Data Security Lifecycle

The data security lifecycle includes the following phases:

  • Creating data: This DSL stage includes data classification and appropriation of data rights
  • Storing data: You’ll determine security controls, access controls, data encryption and rights management
  • Data usage: DSL practices include data monitoring in use and preventative controls
  • Data sharing: Here, systems for the secure exchange of data are set up
  • Data archiving: This step fuses encryption and asset management techniques for data protection and easy access
  • Data destruction: For data security, data sanitization is necessary to deliberately, permanently and irreversibly destroy all data in your storage device. Every sector of the storage device is sanitized in the process

Final Thoughts

Businesses in Singapore now generate more data than ever before. Data is now the most valuable asset for any organization. While much of the focus in data security is on active data, there’s a huge risk of data loss at the end of its lifecycle. Data sanitization secures data in end-of-life devices and other assets. With the best data management service, you can choose the right method of data destruction to protect your business.

SPW is Asia's go-to solutions provider for data destruction, data erasure, IT asset remarketing, and environmentally-responsible IT asset disposals. Contact us and learn how you can incorporate an ITAD strategy into your business today. 
