The Importance of Data Protection and Erasure

Compliance Standards and Data Protection

Compliance standards are shining new light on the need to better control and protect data. There are a multitude of different ways to implement a data protection and security strategy, but most organizations would admit that destroying data is not one typically prioritized. However, as good business and cyber processes, there are also data privacy regulations which mandate the deletion of data, such as the “right to be forgotten” under GDPR. Organizations need to be of the mindset that they both could and should be reducing their data estate as a part of normal business and compliance operations.

More Controls Across the Entire Data Estate

In addition to reducing energy consumption, organizations should also consider the environmental impact of their data storage. Furthermore, as many organizations begin to factor in environmental responsibility as a tool for brand enhancement, consuming more and more IT resources, to process growing volumes of data, is self-defeating. Where infrastructure does need replacing, it is logical to clean all the data from the systems being replaced before items are disposed of or repurposed. In this case, erasing data is a process in itself and needs to include written proof that the data has been permanently erased, with no potential for recourse.

The Need for a Lifecycle Approach to Data Management

To simply go on creating more and more data, to use it for a period of time and then store it away, largely to be forgotten about, is a mindset that is antiquated and needs to be substantially adjusted. Data warrants much more focus; enterprises must adopt a lifecycle approach to data management, in particular that it has an end point, after which it needs removal. Storing data away and leaving it in perpetuity is dangerous, irresponsible and unnecessary. Ignored data poses risk to the business. Today, the risks data can present to an organization mean it is too important to be ignored.