When it comes to securing personal information, there is no room to cut corners. Every day, regular citizens, small businesses, and massive corporations are getting hacked. Fortunately, there are proper methods you can take to protect sensitive information. Today, we are going to clarify the difference between wiping, degaussing, and shredding, the level of security each method offers, and which option would be best for your situation.
Why Data Destruction Methods Matter
Proper data destruction is more than just a best practice. For most businesses, it is required by regulatory bodies, such as HIPAA, FACTA, or GLBA. Businesses that collect private information in health care, technology, government, financial services, or any other sector are subject to these regulations. Why? They are in place to protect customers.
Customer data, such as usernames, passwords, account numbers, credit card information, and other sensitive data, is often stored on various devices: computers, servers, hard drives, phones, and even printers. When that device is retired, the data often goes with it. If it is not properly destroyed, that private information could be leaked to bad actors with nefarious intentions.
Therefore, it is the responsibility of the business to take reasonable steps to protect this information. Let us go over the three most common forms of data destruction: wiping, degaussing, and shredding.
Wiping vs. Degaussing vs. Shredding
To give you a strong mental image of what each of these processes looks like, imagine you have a book. “Wiping” the book would be like locking it in a safe. You can’t read the book, but if you hired a safecracker, you may be able to get it back. “Degaussing” the book would be like taking a black permanent marker and using it on every single line. You would not be able to read the book or recover any of the information, but the parts of the book are technically still there. “Shredding,” on the other hand, would be like lighting the book on fire until all you are left with is a pile of ashes.
Now, let us explain the more technical side.
What Is Data Wiping?
Data wiping is often considered a form of “data destruction,” but it typically doesn’t meet regulatory guidelines. Wiping is the process of deleting information from the device and then using software to scramble or overwrite the remaining data with new data.
The problem with wiping is that recovery of past data is sometimes possible, depending on the device type.
As a result, data wiping is typically considered only as an option for data destruction when the device is being reused internally.
What Is Degaussing?
Degaussing is the process of using a powerful magnetic field to scramble the magnetic particles of a storage device. Unlike overwriting, degaussing irreversibly erases existing data, rendering the device inoperable. The device is still intact but mostly useless.
Degaussing is considered secure for data destruction according to some regulations. However, it is important to note that it is only available for magnetic media. It won’t work on solid state drives, optical media, USB flash drives, SD cards, and some cell phones or tablets.
Additionally, to be considered a secure form of data destruction, the business must be able to verify that the information has actually been removed. For example, at CI Information Management, we use the Model EMP1000-HS degausser. Approved by the NSA, this model includes built-in verification.
What Is Shredding?
Shredding is considered the ultimate gold standard for data destruction across all regulatory bodies. That is because the shredding process involves placing the media device in a machine that physically crushes, tears, and grinds it into tiny pieces. Those pieces are then melted down for further recycling. Essentially, any attempt at retrieving information is impossible.
Which Method Is Right for You?
To determine which data destruction method is right for your business, we suggest reviewing the regulations set by any governing body that applies to you. That will give you an outline of what is expected of your business and the consequences should you not apply it.
How CI Information Management Can Help
We at CI Information Management are a NAID AAA Certified secure shredding service proudly serving Kennewick, Pasco, Richland, Yakima, Wenatchee, and surrounding communities. We offer both degaussing and shredding services that are both convenient and easily accessible for every type of business. Whether you are looking for regular shredding services that come right to your lobby or you want to simply drop off your devices at our secure facility, we can make it happen.
Learn more about our secure data destruction services or schedule your service today!
