Data Recovery Of Sensitive Information Requires The Best In Security
In the Information Age, when a formula can be worth more than a bar of gold, the most fearful things for any business owner is the loss or theft of data. While data from a stolen hard drive may never be recovered, data recovery from a damaged hard disk is possible, though the physical condition of the disk may limit what data can be retrieved. Unfortunately, many local and big box retail hard drive recovery technicians are merely teenagers with a little tech savvy and no knowledge or understanding of security.
Business owners needing to secure their data during a hard drive recovery should look for some key practices in any company they plan to do business with. The most important practice is that they treat their client’s information with the same level of security they would treat their own proprietary data. If the business leaves hard drives and recovered data lying around where any employee, or worse, any random passer-by, can pick it up, then there is a very serious problem with their level of commitment to their customers.
It might be argued that signing a nondisclosure agreement will limit the number of people who look at the data, how the data is handled during off hours, and how the entire data recovery process proceeds. While an NDA may reduce some risk, if the company does not treat every transaction like it is controlled by a contract, the chances that some employee with no knowledge of the NDA will leak proprietary information.
The hard drive recovery process should be limited to as few hands as necessary, with a log of every individual who worked on either the hard drive or the data. When the data is not being worked on, it should be kept in a secure location that is safe from theft, as well as natural and man-made disasters. During the data recovery process, if the information is encrypted, decryption should only take place when authorized and should only be reviewed long enough to ensure the quality of the data.
Once data recovery has been completed, the information should be returned using a set of methods that ensure a safe and secure delivery to the end client. Finally, all data should be wiped from the hard drive recovery center’s computers, and if they retain the damaged hard drive, the disks should be destroyed in such a way as to ensure the data cannot be recovered again. While this requires the data to be secured in a new system, it also ensures the protection and limited availability of the software.
For over 10 years, Cheryl Thompson has worked with leading Hard Drive Recovery businesses, and has seen both the secure and unsecure methods used by many popular companies. Cheryl’s work has led her to realize the number of businesses who blindly request Data Recovery services without verifying the ability for the IT company to keep the data safe and secure.
