As the cost of electronic storage declines rapidly, more and more sensitive data is stored on media such as hard disks, CDs, and pen drives. Many computers store data about personal finances, online transactions, tax records, and passwords for bank accounts and email. All of this sensitive information is vulnerable to theft. Sensitive data may also be leaked accidentally through improper disposal or resale of storage media.
To protect the secrecy of data over its entire lifetime, we must have confidential ways to store and delete it. Traditional methods for protecting confidential information rely on upholding system integrity. If a computer is safe from hackers and malicious software (malware), then so is its data. Ensuring integrity in today’s interconnected world, however, is exceedingly difficult.
There are two major components to safeguarding the privacy of data on electronic storage media. First, the data must be stored confidentially without incurring much inconvenience during normal use. Second, data must be removed from the storage medium in an irrecoverable manner at the time of disposal.
The general concept of secure handling of data is composed of three aspects: confidentiality, integrity, and availability.
Confidentiality involves ensuring that information is not read by unauthorized persons. Using encryption to store data or authenticating valid users are examples of means by which confidentiality is achieved.
Integrity ensures that the information is not altered by unauthorized persons. Storing a message authentication code or a digital signature computed on encrypted data is a way to verify integrity.
Finally, availability ensures that data is accessible when needed. Running multiple servers, so that the service withstands a malicious shutdown of one of them, is one way to improve availability.
Achieving confidentiality means storing data in a way that can be read or deciphered only by authorized persons. No unauthorized persons should be able to read or otherwise obtain meaningful information from this data, even with physical access to the storage media (e.g. a stolen laptop).
When confidential data has to be removed, we must be sure that once deleted, the data can no longer be restored. A full secure data lifecycle implies that data is not only stored securely, but deleted in a secure manner as well.
However, typical file deletion (encrypted or not) only removes a file name from its directory or folder, while a file’s content is still stored on the physical media until the data blocks are overwritten.
Confidential data deletion can be accomplished in three ways: physical destruction of the storage medium, overwriting all of the sensitive data, and securely overwriting the key of encrypted sensitive data.
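The sketch below is an added example, not part of the original article. It models a storage medium in memory and compares typical deletion with two of the three methods above: overwriting the data and overwriting the key (physical destruction is not modelled). `ToyDisk`, `xor_stream`, the file name, the key and the sample data are constructed for illustration, and the SHA-256 keystream is a stand-in for a real cipher.

```python
import hashlib

BLOCK = 16  # toy block size in bytes (assumption)

class ToyDisk:
    """Constructed in-memory medium: raw blocks plus a name -> blocks directory."""
    def __init__(self, nblocks=8):
        self.raw = bytearray(nblocks * BLOCK)
        self.directory, self.free = {}, list(range(nblocks))

    def write(self, name, data):
        blocks = []
        for off in range(0, len(data), BLOCK):
            b = self.free.pop(0)
            chunk = data[off:off + BLOCK]
            self.raw[b * BLOCK:b * BLOCK + len(chunk)] = chunk
            blocks.append(b)
        self.directory[name] = blocks

    def delete(self, name):
        # Typical deletion: only the directory entry goes; block contents stay.
        self.free.extend(self.directory.pop(name))

    def overwrite_delete(self, name):
        # Overwrite every data block with zeros before releasing it.
        for b in self.directory[name]:
            self.raw[b * BLOCK:(b + 1) * BLOCK] = bytes(BLOCK)
        self.delete(name)

def xor_stream(key, data):
    # Stand-in cipher (SHA-256 counter keystream), illustration only; use a vetted cipher.
    pad = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

SECRET = b"acct=1234;pin=0000 (constructed)"  # constructed sample data

def demo():
    """Per method: can SECRET still be read back from the raw medium afterwards?"""
    plain, wiped, enc = ToyDisk(), ToyDisk(), ToyDisk()
    key = bytearray(b"k" * 32)  # constructed key, kept off the medium
    plain.write("tax.txt", SECRET)
    wiped.write("tax.txt", SECRET)
    enc.write("tax.txt", xor_stream(bytes(key), SECRET))
    plain.delete("tax.txt")
    wiped.overwrite_delete("tax.txt")
    enc.delete("tax.txt")
    key[:] = bytes(32)  # key erase: only the key is overwritten, ciphertext stays
    return {"delete": SECRET in bytes(plain.raw),
            "overwrite": SECRET in bytes(wiped.raw),
            "key_erase": xor_stream(bytes(key), bytes(enc.raw[:len(SECRET)])) == SECRET}
```

On real media an in-place overwrite may not reach every copy of the data (journaling or copy-on-write file systems, flash wear levelling), which is one reason overwriting only a small key is attractive.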
Both data storage and deletion form an important part of any organization. Take an example from a customer’s point of view. If a customer has lost some data from his laptop, he can get the data retrieved from the company’s database, as it is always stored there.
Sometimes data can also be deleted by mistake at the consumer’s end; at that point the company can be contacted and the consumer will receive the data. Various online websites such as Urban Ladder rely on data storage and deletion, as their consumers are linked completely with that.