Data Backup, Retention, and Destruction PDF

Summary

This document discusses policies and best practices for data backup, retention, and destruction in organizations. It describes various methods for securely eliminating data, focusing on the importance of protecting sensitive information and avoiding potential penalties. It is a professional training guide.

Full Transcript

Certified Cybersecurity Technician Exam 212-82 Data Security Data Retention Policy Best Practices Create a data retention policy that fulfils legal and business requirements. :. Justify the reasons behind thed‘gg Create different data retention 0 1 02 Start creating a policy with minimal soquireunguts and add new requirements as and when required Create a simple policy which is easy for the employees to implement o Q) “Q ® 06 userinformation only till they are Retain customer, subscriber, and necessary Implement 80 ). ® policies for different data types, as per their legal and business impacts o 03 04 ‘ 05 'Y. o o] 02 re to manage the data retention tasks ‘@ ° 08 Classify data and decide if it should be archived or deleted Data Retention Policy Best Practices The following data retention best practices for an organization can help establish and enforce a more compliant and useful data retention policy suited to their needs: Create a data retention policy that fulfills legal and business requirements Justify the reasons behind the policy details Start creating a policy with minimal when required requirements, and add new requirements as and Create a simple policy which is easy for the employees to implement Create different data retention policies for different data types, as per their legal and business impacts Retain customer, subscriber, and user information only till they are necessary Implement software to manage the data retention tasks Classify data and decide if it should be archived or deleted Files which are not accessed frequently should be moved to a lower-level archive Organize and store archived data such that it is easily accessible Module 15 Page 1898 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 Data Destruction Data destruction is the process of destroying data stored on tapes, hard disks, and other forms of electronic media, so that it is completely unreadable and cannot be accessed or used for unauthorized purposes The main purpose of data destruction is to restrict unauthorized disclosure of information through proper disposal and destruction of devices, equipment, computers, and media that store sensitive data Copyright © by EC-{ cll. All Rights Reserved. ReproductionIs Strictly Prohibited.. Data Destruction Computers, smartphones, and other devices store a large amount of information, some of which may be sensitive and critical, such as emails, documents, personal photos, etc. Once not in use, the user deletes the data presuming that the information is deleted and cannot be recovered. If not deleted properly, the information still exists on the hard drive or memory chip, and anyone accessing such a system can recover these deleted files. The best way to permanently delete files or sensitive data is by implementing data destruction methods. Data destruction is the process of destructing the stored data in electronic media such as hard drives, flash drives, tapes, etc. into an unreadable form that cannot be accessed or exploited for unauthorized purposes. The main purpose of data destruction is to restrict the unauthorized disclosure of information through proper disposal and destruction of devices, equipment, computers, and media that store sensitive data. The various forms of data destruction are: * = Delete/Reformat Wipe = Qverwriting data = Erasure = Degaussing = Physical destruction = Electronic shredding = Solid-state shredding Module 15 Page 1899 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 Security Benefits of Data Destruction = Data destruction protects the sensitive information of customers and employees from cybercriminals. = Hefty fines can be avoided with data destruction as a security breach can lead to various penalties. Module 15 Page 1900 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Destruction Policy O Data destruction policy ensures that the data stored on unused tapes, hard disks, and other forms of electronic media is deleted or d such that they are unreadable and cannot be accessed QO Every organization must implement a data destruction policy Q » Hard Drives and Flash Mobile Phones Mobile phones have a hard reset or cold reset button to delete the installed software and restore the device to Memory Devices » Physically destroy the optical and tape media when not required » factory default settings Copyright © by EC-C Overwrite the data in hard drives and flash memory devices using programs such as Darik’s Boot and Nuke, Wipe, etc. cll. Al Rights Reserved. Reproduction is Strictly Prohibited Data Destruction Policy A data destruction policy ensures that the data stored on unused tapes, hard disks, and other forms of electronic media are overwritten or destroyed such that they are unreadable and cannot be accessed for unauthorized purposes. Implementation of a data destruction policy reduces the chances of a privacy breach. Companies should spend their time and money on a data destruction policy since they have to safeguard their data and prevent a data breach. Every organization must implement a data destruction policy. Implementation of a data security policy: For implementing a data security policy, all devices and media no longer used by an organization should be securely removed, destructed, or overwritten. = Mobile phones - iPhones, Androids, Blackberries, etc.: Mobile phones have a hard reset or cold reset button to delete the installed software and restore the device to factory default settings. = DVDs and other tape when not required. = Hard drives and flash memory devices: Overwrite the data in hard drives and flash memory devices using programs such as Darik’s Boot and Nuke, Wipe, etc. Module 15 Page 1901 storage drives: Physically destroy the optical and tape media Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Destruction Techniques Ny. Clearing Technique to clear data in all user-addressable storage » Overwriting @ g j » spaces Cannot be used for damaged or non-rewritable media » % Wiping Erasure Purging » Technique to remove data permanently from a storage Degaussing » space by applying strong magnetic fields Strong magnetic fields can damage nearby devices » g LT @ » Technique to destroy data by destroying the storage medium » Disintegration, incineration, pulverizing, and pulping » Best method for destroying sensitive data » Shredding 9] Xy \ Data Destruction Techniques The different data destruction techniques are listed below. 1. Clearing Clearing is a data destruction technique that protects sensitive information against keyboard attacks. This technique is used to clear the data in all user-addressable storage spaces. The information eliminated by this method will not be recovered through data, disk, or file recovery tools. This technique is not applicable to damaged or non- rewritable media. Overwriting, wiping, and erasure are the methods used for clearing information. o Overwriting: Overwriting is a method of writing new data over old data with the purpose of eliminating the old data completely. Occasionally, this is accomplished in a single attempt. However, if the medium implements strong security, multiple passes may be required. This ensures that all information is destroyed and that no recovery tool will be able to recover it. o Wiping: Data wiping is a method of clearing data from an electronic device so that the data cannot be read any longer. It is performed by physically connecting an electronic device to a wiping device. Once the information is wiped from an electronic device, the device can be reused without losing storage capacity. o Erasure: Erasure is another method used to delete all the data in a hard drive such that the data can no longer be recovered. This method is used by businesses that have leased equipment or wish to reuse hard drives for storing different information. Module 15 Page 1902 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security 2. Purging Purging is a data destruction technique that protects sensitive information against laboratory attacks. This technique is used to remove data permanently from a storage space by applying strong magnetic fields, which can damage nearby devices. A laboratory attack occurs when an unauthorized individual uses signal processing recovery tools in a laboratory environment to recover sensitive information. Degaussing and executing the Secure Erase firmware command are two purging methods. o Degaussing: Degaussing is a method of using high-power magnetic field of magnetic media such as hard disk drives method cannot be implemented on optical media such as drive disk typically renders it inoperable, thus making it check whether all the data have been destroyed. magnets to disrupt the and magnetic tapes. This DVDs. Degaussing a hard impossible for a user to This method is effective in destroying storage media with large amounts of information, but it is inappropriate if the user wishes to reuse the storage device for storing different information. 3. Destroying Destroying is a data destruction technique of physically destructing the storage media through a variety of methods such as disintegration, incineration, pulverizing, shredding, and pulping. This method is used in circumstances where the complete destruction of data along with physical media is required. This is considered the best method for destroying sensitive data. o o Disintegration: This is a physical destruction information stored information. in storage Incineration: known Also media method that not only destroys the but also the physical as burning, incineration is an media effective containing that technique for deposing information written on white paper. However, destroying compact disks, DVDs, USB devices, or other storage systems via incineration can create environmental issues due to toxic fumes. Hence, this technique is recommended to be employed for erasing data on paper. o Pulverizing: In this method, documents of confidential data are dumped into a pulverizer that uses a hydraulic process to reduce the data objects or documents to shards and loose fibers. Few commercial businesses use this technique owing to the lack of availability and cost concerns. o Melting or pulping: Melting or pulping is the process of liquidizing documents that hold confidential data. It is important to ensure that the data on the documents are securely taken to the pulping facility, and the monitored until the pulping process is completed. o documents should be closely Shredding: This is another physical destruction method used to destroy information stored in storage media such as hard drives, optical drives, smartphones, tablets, and credit-card swipe devices. It breaks the electronic media into multiple pieces not Module 15 Page 1903 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 larger than 2 mm. This method is especially useful to destroy data stored organization’s data center or in a large stockpile of old hard drives and media. 4. in an Disposal Disposal is a technique of eliminating information without considering data destruction. This technique is applied to documents containing nonconfidential information. The disclosure of such information will not affect the organization’s goals, lead to any financial losses, or harm an individual. Module 15 Page 1904 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.