Understanding Data Security - Part II

The guiding principle for deciding what is necessary method or process of data erasure is to ensure that the enemies cost of recovering the data exceeds the value of the data. If the media does not hold confidential information, overwriting or deleting the files may be the appropriate solution.

Media should be clearly marked and logged, its integrity should be verified, and it should be properly erased of data when no longer needed.

Methods of Data Destruction

The following are most commonly used methods of data destruction:

  • Delete
  • Degauss
  • Physical destruction
  • Software Overwrite

Delete

When we use all Delete and Format commands (even with switches such as Format C: /D) affect only the File Allocation Table (FAT) and we do not actually erase any data.  Until the “deleted” data is overwritten with other data, it still exists and poses a significant danger to an organization. Deleting/formatting data is an extremely ineffective method of data destruction and should be avoided.

Degaussing

When we degauss, the process involves using a machine that produces a strong electromagnetic field to destroy all magnetically recorded data. This process of data destruction may have been effective in the past as a strong electromagnetic field was not needed to destroy data. However, when we use modern hard drives, they use thicker shielding and require a much stronger electromagnetic field in order to ensure a complete erasure. There is no way to guarantee that a particular degassing machine will do a thorough job and therefore poses a security risk.

Physical Destruction

When we use the process of physical destruction, hard drives and other storage media are usually shredded into tiny pieces by large mechanical shredders/machines. This is considered an effective way of destroying data and preventing data. Drilling holes in a hard drive is another method of physical destruction. For us it’s important to remember that mechanical shredding, drilling and hammering don’t actually destroy data but make the drive inoperable preventing data recovery.

Software Overwrite

When we use the software based data destruction process, it involves using a special application or software program to write patterns of meaningless data onto each of the hard drive’s sectors. This process works by overwriting the data with a combination of 1’s and 0’s. The level of security depends on the number of times the entire hard drive is written over. This process is also known as zeroization.

Data Remanence

This is the residual physical representation of the information that was saved and then erased in some fashion. This remanence can be enough to reconstruct the data and restore it to readable form. If the media is reassigned, then an unauthorized individual could gain access to your sensitive data.

Data Recovery

Data recovery is the process or methodology of salvaging or recovering data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally. Often the data are being salvaged from storage media such as internal or external hard disk drives, solid-state drives (SSD), USB flash drive, storage tapes, CDs, DVDs, RAID, and other electronics. Recovery may be required due to physical damage to the storage device or logical damage to the file system that prevents it from being mounted by the host operating system.

Recovery Techniques

Multiple techniques are involved to recover data from physically damaged hardware. We can repair some damage by replacing parts in the hard disk. This can alone make the disk usable, but there could still be logical damage. A specialized disk-imaging procedure is used to recover every readable bit from the surface. Once this image is acquired and saved on a reliable medium, the image can be safely analyzed for logical damage and will possibly allow much of the original file system to be reconstructed.

Data Backup

In Computer Science a backup is defined as the process of backing up, refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event

Data Backup Strategies

  • Full / System Imaging
  • Incremental
  • Differential

Happy learning! We wish you good luck in your "CISM Certification Program" journey!
 

Our Cyber Security Certifications Duration And Fees

Cyber Security Certifications typically range from a few weeks to several months, with fees varying based on program and institution.

Program NameDurationFees
Post Graduate Program in Cyber Security

Cohort Starts: 16 Apr, 2024

6 Months$ 3,000
Caltech Cybersecurity Bootcamp

Cohort Starts: 15 Jul, 2024

6 Months$ 8,000
Cyber Security Expert6 Months$ 2,999

Get Free Certifications with free video courses

  • Introduction to Cyber Security

    Cyber Security

    Introduction to Cyber Security

    3 hours4.6255.5K learners
  • Introduction to Cybercrime

    Cyber Security

    Introduction to Cybercrime

    2 hours4.626K learners
prevNext

Learn from Industry Experts with free Masterclasses

  • Steer Your Cyber Security Career Ahead in 2024 with Cyber Security Expert Master’s Program

    Cyber Security

    Steer Your Cyber Security Career Ahead in 2024 with Cyber Security Expert Master’s Program

    21st Mar, Thursday7:00 PM IST
  • Career Masterclass: Develop a Cybersecurity Red Team Career

    Cyber Security

    Career Masterclass: Develop a Cybersecurity Red Team Career

    23rd May, Tuesday9:00 PM IST
  • The Triple Threat: AI Ethics, Bias, and Deepfakes in Cybersecurity

    Cyber Security

    The Triple Threat: AI Ethics, Bias, and Deepfakes in Cybersecurity

    4th Apr, Thursday9:00 PM IST
prevNext