Protecting Deleted Data: Once you click delete, what should your company do with sensitive data?

Sensitive data comes in many shapes and sizes in the corporate realm. But what you do to dispose of it can vary pretty dramatically. While it might seem like deleting a file is the end of the road, when it comes to sensitive data, you might want to think again. Here are the key steps you should take to disposing of your electronic files that must not be accessed by a non-approved party.

Remember Your Hard Drive

The concept of deleting your files from your computer is more than a little misleading. After you hit delete, that file actually doesn’t really go anywhere. It’s still easily discoverable on your hard drive. Even if you empty your trash folder, those deleted files are still there, just out of sight in most cases. Deleting files from a hard drive only removes the “pointers” that make it easy for you to access the data. The actual data is still stored, and there are several fairly simple ways to access them. If a hacker gains remote access to your hard drive – a very common method for stealing private information – they can use simple file restoration programs to get it all back. This holds true for personal computers, workstations and even discarded equipment with hard drives that have been deleted.

So what can you do to ensure your data is truly gone when you’re done with it? Making deleted data practically inaccessible from hard drives on your computer or smartphone is not an impossible task. It just takes a few extra steps. For computers with information left on hard drives, you can use a wiping program that overwrites all of the unused data spaces on your hard disk where your deleted files used to be. This makes sure that anyone digging through your trash isn’t able to find what you don’t want found.

What About the Internet?

It’s also fairly well known that it’s nearly impossible to erase anything that is shared over the internet. Given the immense caching, or storage system that saves all content and previous versions, undertaken by major search engines like Google, digital content is preserved constantly, and the fact is that you have very little control over that. When you delete email messages (and empty your “Trash” folder), it may seem like there’s no way to get that data back, but that isn’t entirely true either.

The good news here is that for the most part, hackers can’t access emails that are deleted permanently from the Trash folder. However, email ISPs also keep backup copies of client inboxes, and in some cases, these deleted messages can be retrieved, though a court order is in most cases required for that level of retrieval making it less likely that your sensitive data would fall into the hands of a hacker. Hackers generally use other methods to break into email and steal sensitive information, including phishing scams, password breaks, or remote access. The bottom line is that if it’s on the internet, it’s not 100% capable of being deleted, and you should keep that in mind when you go about sharing information online, in whatever form that may take.


Leave a Reply

  • (will not be published)