Data Privacy and Security

What does "data sanitisation" mean?

This is a contributed by Richard Stiennon, chief strategy officer of Blancco Technology Group and director of International Data Sanitisation Consortium

The incoming EU GDPR will enact legislation making it mandatory for organisations to erase personal data. Article 17 incites that this must be done “without undue delay” if the data is no longer needed, with organisations facing heavy fines if they fail to adhere.

Nearly 12 million records have been exposed since the beginning of 2017, according to the Identity Theft Resource Center (ITRC). Although data sanitisation is an important step in preventing sensitive data from being accessed or breached, it’s still relatively unknown and often misunderstood within the technology and IT security industry.

The entirety of the data lifecycle needs to be managed properly to keep data secure, and many businesses mistakenly implement insecure and improper data removal methods. These include a factory reset, reformatting, data wiping and data clearing. Many organisations mistakenly believe that these methods are capable of permanently destroying data, when in fact, they are not and leave data exposed and accessible. As a result, the vast majority of organisations today aren’t undertaking the necessary steps to implement a data sanitisation process and are leaving themselves vulnerable to a potential data breach.

Confused by GDPR? Check out: What we know, and don’t know, about GDPR

A recent survey found that 64 percent of IT professionals failed to choose the correct answer when asked to identify the correct definition of data sanitisation. On top of this, media reports and data recovery studies have repeatedly proven just how easy, common and dangerous it is for data to be recovered – all because devices had not been sanitised before they were discarded, recycled, traded in, resold or reused.

Misconceptions of what constitutes “deleted data” may stem from the fact that deleting information from a drive to all intents and purposes, clears the device’s space for normal use. The data is not easily accessible under ordinary routine procedures. However, for the determined and tech literate, there are still many techniques which can be used to retrieve sensitive “deleted” data.  


What is data sanitisation?

Instead of “wiping”, “clearing” or “resetting”, organisations should look to implement complete data sanitisation. Data sanitisation is the process of deliberately, permanently and irreversibly removing or destroying the data stored on a memory device to make it unrecoverable. A device that has been sanitised has no usable residual data, and even with the assistance of advanced forensic tools, cannot ever be recovered. There are three methods to achieve data sanitisation: physical destruction, cryptographic erasure and data erasure.

Another crucial element of data sanitisation is developing and implementing a data sanitisation policy, which will map your data across each stage of the lifecycle (create, store, use, share, archive and destroy). First, your organisation must recognise the risks associated with lack of control over information which will only worsen due to the implications of the GDPR.

Once you have identified all the risks, discover and list the types of data that will need to be considered within your organisation. This may include information such as employee records, legal documents and sales records. You should then determine which applications are storing these records, and what type of information is saved on which platforms, whether that be databases, cloud based systems or Microsoft applications.

Flowcharts outlining existing information processes within your organisation are also useful as long as they can be verified with supporting documentation. Understand when and where the information is created, who creates it and when it moves through each of the phases of the lifecycle. Determine, where required, the appropriate method of data sanitisation.

Once the scope of your data sanitisation program has been determined, you are now in a position to identify regulatory requirements and overall data exposure risks. Prioritise the risk exposure based on the type of data and the storage device (level of 1 – 10, with 1 being highest risk of exposure and 10 being the lowest exposure to risk).

After selection of the prioritised list of those business processes, including types of data and storage devices, with the greatest impact of risk, your organisation can now establish goals for managing data sanitisation.

For each prioritised business process and class of information, you must define its end of life (retention period) and appropriate data sanitisation method. For each process, the future state of where, when and how data sanitisation occurs should be mapped. The target profile is the desired end state. This is a fully implemented data sanitisation program.

The consequences of failing to properly dispose of data can be severe. This may include loss of IP, breach notification costs and an impact on brand and customer satisfaction. Fines for failing to appropriately process unnecessary personal data have risen to $20 million or 4% of a company’s annual turnover, depending on whichever is higher. By implementing proper data sanitisation policies companies in the future will be able to save themselves from potentially crippling fines and millions of individuals from having their personal information compromised.


« How smart will cities be in 2027?


From China's cryptocurrency clampdown to VCs in LatAm: A pick of our 2017 regional highlights »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies


Do you think your smartphone is making you a workaholic?