Daten. Leben.

Insufficient data deletion: An exception?

Passport photos, signatures, and documents from the residents’ registration office archive: ARD’s business magazine Plusminus was able to effortlessly access these and other extremely sensitive data. The report shows how easy it can be to obtain several gigabytes of such internal company data – even though an external data deletion of the office hardware was ordered. How can such a data leak happen?

The answer lies in the acquisition of used hard disks, which had previously been insufficiently erased. The journalists from Plusminus purchased 30 of those at a low price which gave them easy access to data from various companies and industries. Affected organizations included, for example, the payment service provider Klarna, the automotive group Audi and government agencies.

In terms of sustainability and climate protection, IT-recycling has been a growing market for years. And the kickback on the resale of discarded hardware is another advantage over the shredding of these data carriers that used to be the norm. Unfortunately, however, not all providers who offer refurbishing have the data protection and data security of their customers’ hardware as their primary goal.

The Plusminus report shows that some companies do not proceed professionally with the deletion process and neglect data protection requirements. Often, the hardware is not checked for other installed hard disks and only one hard disk is insufficiently overwritten. The main problem is that the service is beyond the control of customers, who rely on secure deletion. An industry expert estimates that only 10% of providers work cleanly. This means that the purchase of used hard disks can turn out to be a real goldmine for criminals…

So, is it not possible to protect the data at all? Is shredding the only safe way? How can a company check whether the service provider is trustworthy and fully deletes its own data?

REISSWOLF offers a secure answer to these questions. Implementing data protection & data security on a daily basis for decades, the deletion and reprocessing of hardware is a secure, transparent and certified process, which is carried out in cooperation with Ingram as a certified partner. And of course, it is more sustainable than the final shredding, which is also offered but only makes sense if a reuse of the hardware or a valuable IT-recycling is excluded.

Specifically, all devices are checked first so that no hard drive is overlooked. REISSWOLF works with Ingram to ensure that all hardware data is erased in a certified manner using Blancco’s erasure software. This software is considered the gold standard and has been tested, certified, and approved by more than 15 government testing organizations. It is also used by the NATO and the British government, among others. In addition, transparency about the process is ensured by providing our customers with a certificate after the successful deletion process as proof of compliance with the highest security standards. In this way, REISSWOLF ensures GDPR-compliant data erasure and enables the safe reuse of old hardware.

Do you still have questions about data deletion, IT-recycling or the destruction of data carriers at REISSWOLF? We will be happy to provide you with secure answers.