When anything is deleted, most people expect that the deleted item is no longer accessible to them or anyone else. But this is far from the truth because of the way technology works. Deleting data does not mean that it is no long accessible.
This is an edited transcript from a video blog recording of Sarb Sembhi, CTO and the CISO for Virtually Informed, and his co-host Nick Ioannou, Director of Boolean Logic.
Today we look at why deleting data doesn’t mean that it is not accessible, how to ensure effective data deletion, and what happens if users don’t do that. Where data is not effectively deleted not only is it possible for others to access it at a later time, but it is also possible that it could result in non-compliance with data protection policy.
Issues with data deletion
Whether it is data deletion, alteration, or amendment to existing data, it is often possible to access certain elements of a file on a device. One of the first examples of this came during the UK Prime Minister Tony Blair’s era when someone got a hold of the “Iraq Intelligence document” and was able to access the meta-data which indicated the original author of the document together with other data which is saved as part of the file format.
The way technology works to store and protect data as well as deal with deleting it have always been very important considerations as the world moved on from portable magnetic media to other forms of media. And as the last few years have illustrated there have been many moves to go back to such media.
The embarrassment of the UK Prime Minister has been one of the many casualties which have included large and small organisations have being caught on the belief that deleting data meant that was okay to sell or donate either portable media (like memory sticks, or portable drives) or computers (PC, laptops, Macs) to charity. Only to find out later that the media or device has been bought by someone who knew how to access that data and make use of it.
There have been many examples of academic institutions who instruct their students to purchase second-hand technology to research and explore what data they could find on these devices.
These examples have illustrated both the fact that those selling used technology do not understand the issue, but also that even when studies have sought to expose how easy it is to extract data, such studies have had no impact on people’s behaviour.
"It is easy for security researchers to illustrate how trivial it is for them to not only access the data but also to use the confidential data for things that the original owner never intended."
It is easy for security researchers to illustrate how trivial it is for them to not only access the data but also to use the confidential data for things that the original owner never intended. However, not all of the donated or sold media or devices end up in the hands of researchers, many end up in the hands of people who are only looking for cheap things in the hope of retrieving compromising data that could be sold on for more than they paid for the media or device.
Since second-hand technology is so cheap, many criminals have used such approaches as side-line organisations to extract and extort the seller on the compromised data found.
The question that we often hear is “If it is so easy, why doesn’t someone do something about it”? To answer this question, we need to explore a little bit of the technology on how data is stored and what happens when it is deleted by the user.
What happens when data is deleted?
The easiest way to understand what happens when data is deleted is to understand what happens when data is created first. So, in very simplistic terms, what does happen when data is created? There are variations on different operating systems, different versions of operating systems as well as different types of media, and also encrypted drives. This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.
This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.