According to Blancco Technology Group’s recent “Delete vs Erase: How Companies Wipe Active Files” research, 61% of global organisations use Microsoft Active Directory to automate file management and control access right. Why is this necessary? Companies may choose to wipe active files from their storage media (i.e. desktop/laptop computers, drives and servers) to enhance the security of their sensitive data.
Organisations erase sensitive data from PCs whenever they need it. Running on existing operating systems they perform data erasure, preventing data leaks during the lifecycle of their assets. In this way, they are able to ensure sensitive business data has an additional layer of data protection and security to prevent breaches and other security threats.
6 easy steps to delete active files
1. Automate active secure erasure
This should be performed with each user’s Recycle Bin upon log off from the system. By automating this process your organisation is taking the necessary due diligence steps in confirming that all basic deletions of files and data are always erased, permanently and securely. This can mitigate any uncertainty or risks that may linger if the data hasn’t been properly erased from users’ laptops or desktop computers.
2. Schedule a “Shred Free Disk Space” operation
Each laptop and desktop computer owned and used by your organisation should include this step when there are service windows and/or patches are scheduled. By executing this, you will continuously target lingering application data (as well as other data) that has been improperly or incompletely deleted by a user of the system.
3. Automatically erase temporary files
You should automate the erasure process to ensure it is performed regularly guaranteeing optimal security. In this way, you can target user data that may have built up and remained in the system, such as the browser cache, where sometimes sensitive information may be stored.
4. Delete locally created and stored user files
By consistently deleting these user files your IT team and your organisation can promote workers archiving their data in a central repository, enforcing company policies that aim to discourage local storage (which can open up more opportunities for a data breach). This is an ongoing a data management struggle that has long vexed IT teams within many organisations.
5. Authorise “power users” to do active erasures
An often overseen asset to your IT policies is the selection and assigning of a group of “power users” within the organisation that are authorised to perform active deletion of files from the system. They can be instrumental in the security of for your company, particularly if sensitive data has been stored in the wrong location, so your “power users” can target this incorrectly stored data and permanently delete it immediately.
6. Get a certificate verifying file erasure for an audit trail and to ensure regulatory compliance
Submit the certificate proving file erasure to relevant governing bodies, legal entities and auditing firms to prove that data has been permanently erased according to data retention policies and regulatory requirements.
By following these tips, you can strengthen your organisation’s overall data hygiene and improve your organisation’s overall data management and data retention practices.
You can find a printable version of these tips in this infographic by Blancco Technology Group.