Inaccurate Design

D for DESTROY

Wednesday, 9 May 2012

For a long time, a critical part of the Data Lifecycle within an organisation has been Retention and Destruction.

You know, the whole DBAN-the-laptop-before-giving-it-to-a-new-user thing (you do that, right?), or specifying how your service provider gets rid of data when you eventually break up? Hell, even when selling computers many people take out the HDDs and take to them with a hammer (although I’m not sure how much of this is security related and how much is for funsies).

So it pains me to say that the ‘data destruction’ part of DLM is no longer. Turns out, one of the beautiful things about cloud computing is that you don’t need to worry about that anymore!

The issue identified was in the area of separation of data. By launching several Cloud servers and conducting a detailed security assessment, we were able, on some of those servers, to gain access to some customers’ data remnants.

Dirty Disks Raise New Questions About Cloud Security

Oh wait. You DO have to worry about it, you just don’t have access to the drives themselves to smash up. So end-to-end DLM just got harder.