Takeaway: Deleted data may be more accessible than you think. Here are some ways to keep that data from prying eyes.
It’s a brave new world in this digital era, with more data stored electronically and flowing across the internet than — not too long ago — it would be possible to consume in several lifetimes. For most people, digital is now a way of life — everything from shopping and banking to working, organizing, researching and entertaining is accomplished through an electronic device.
Of course, you don’t want all of your digital information shared with the world. Electronic security is essential, and aside from password protection and encryption, data deletion is a common way to remove information that shouldn’t fall into other hands. But did you know that simply deleting files from your hard drive, or emails and web content through your browser, is not enough to actually get rid of the data? There are tools out there for recovering deleted data at several levels. Some of them, such as forensic computer tools, are used by government and law enforcement agencies for investigation. Others are used by hackers to gain access to sensitive information, resulting in damage and data theft.
Most everyone knows when you “delete” a file on your computer, it doesn’t leave your hard drive. Instead it goes to the trash or recycle bin. But even if you empty the trash folder, those deleted files still reside in your computer. Deleting files from a hard drive only removes the “pointers” that make it easy for you to access the data. The actual data is still stored, and there are several fairly simple ways to access them. If a hacker gains remote access to your hard drive — a very common method for stealing private information — they can use simple file restoration programs to get it all back. This holds true for personal computers, workstations and even discarded equipment with hard drives that have been deleted.
Another fairly common piece of knowledge is that nothing on the internet is ever truly gone. Immense caching — a storage system that saves all content and previous versions — through major search engines like Google ensures that the digital collective is preserved constantly. When you delete email messages (and empty your “Trash” folder), it may seem like there’s no way to get that data back, but that isn’t entirely true. The good news here is that for the most part, hackers can’t access emails that are deleted permanently from the Trash folder. However, email ISPs keep backup copies of client inboxes, and in some cases these deleted messages can be retrieved, usually through a court order. Hackers typically use other methods to break into email and steal sensitive information, either through phishing scams, password breaks or remote access that lets them log into your live account and read through messages.
It would seem that deleting text messages works about the same as deleting email, but that often isn’t the case. Today’s smartphones are highly sophisticated machines. They have larger hard drives, capable of storing more data — and that includes deleted text messages. Forensic technology is available to recover deleted text messages from phone hard drives. And while cell phone companies claim not to store the contents of text messages, court-ordered subpoenas can still turn up records of texts. As with computers and desktops, cell phone data is never truly gone. And if your phone is stolen, the thief may be able to access deleted texts.
Making deleted data practically inaccessible from hard drives on your computer or smartphone is not an impossible task. It simply requires a few extra steps. For computers, you can use a wiping program that “scrubs” or overwrites all of the unused data spaces on your hard disk where your deleted files used to be. There are several free programs that can accomplish this task. Some of the most popular include Spybot Search & Destroy, Eraser and BleachBit. When it comes to smartphones, the key is to take steps to prevent theft and have precautions in place in case your phone is stolen. Make sure you lock your phone with a strong password that will at least slow down a thief. And have remote wiping capabilities installed so that, if necessary, you can erase the contents of your phone’s hard drive from any computer. Being aware that deleted data is never really gone is an important first step to protecting your sensitive electronic information. Even deleted files can fall into the wrong hands. Take the steps to ensure they don’t.
The healthcare sector was rocked in early 2015 with news of the two mega breaches Anthem and Premera Blue Cross. In these data breaches, hackers were able to carry out sophisticated cyber-attacks against their networks. This new-school method of cyber-attack is very effective, and in these two breaches alone over 90 million customer personal records were compromised. However, there is still an old-school threat that looms in the healthcare sector, the old-fashioned stolen or lost computer.
"According to a recent healthcare industry survey by Bitglass, 68 percent of healthcare security breaches were due to the loss or theft of mobile devices or files, 48 percent of data lost was on a laptop, desktop computer or mobile device, and only 23 percent of the breaches resulted from hacking not connected directly to the loss or theft of a mobile device," said Ramesh Devare, COO of RxOffice.
Media Coverage :- (Click on links below to view news)
Counseling agency benefits from electronic data distruction
COLUMBIA, Md.- Partners in Community Building (PICB), a community-based counseling organization in Chicago, has selected IndiSoft's electronic data wiping technology WipeOut to wipe consumer data that is no longer needed from individual computers and its new servers.
PICB, a non-profit organization that started in 2002, helps improve the lifestyle of seniors, families and individuals of low to moderate income through housing and financing assistance as well as community education. The organization, which services Chicago and its surrounding suburbs, now runs WipeOut on its server and will erase unneeded information monthly.
"Due to the sensitive nature of the information we process and store, we needed an effective and secure way to destroy files once they are no longer needed or when a computer has to be repurposed," said Bobbi Ball, executive director of PICB. "We can assure our clientele and grantors that their information is properly safeguarded with WipeOut."
WipeOut features a secure log of when it is accessed by users so system administrators can determine and review what is being erased, when and by whom. Authorized users can remove sensitive data that is no longer needed from the hard drive of a server, PC or laptop, which can then be donated, all while knowing no customer information remains active or accessible. WipeOut is a patented technology.
"There are many regulatory requirements for companies regarding how they need to destroy or wipe sensitive information that is no longer needed," said Ramesh Devare, COO of IndiSoft. "With WipeOut, we offer the highest level of confidence available that information is completely wiped, giving companies as well as consumers the protection they deserve. In addition, companies using WipeOut will be in full compliance with federal and state requirements for data disposal."
"About IndiSoft LLC"
Columbia, Md.-based IndiSoft LLC is a global company that develops collaborative technology solutions for the financial services industry. Through various portals, IndiSoft's RxOffice® platform (patent pending) enables disparate parties to communicate and transact online in real-time. The transparent workflow technology improves the efficiency of business processes and offers audit, compliance and quality control capabilities to accelerate decision making and support business excellence. For the fourth consecutive year, IndiSoft was named to the Inc. 500|5000 listing of the fastest growing private companies in the U.S. and was selected as one of the Top 50 Service Providers by Mortgage Technology magazine in 2011, 2012 and 2013. For more information about IndiSoft visit its Web site at www.indisoft.us.
Media Coverage :- (Click on links below to view news)
News of security breaches, hacker attacks, identity and data thefts has grown at an alarming rate across all industries : financial, healthcare and insurance to name a few. Banking titan JPMorgan Chase and retailer Kmart are just a couple of the latest companies to be hit by hackers. These breaches are the catalyst for preventative measures to protect against future incidents. In addition to reviewing policies and making data security an even higher priority, all companies need to look more closely at how they can destroy data that is no longer needed while maintaining strict compliance requirements.
According to a July report from Databreachtoday.com, "The federal tally of major health data breaches has grown substantially in recent weeks to a total of 1,074 incidents affecting 33.7 million individuals since September 2009. The approximately 30 incidents added to the list over the last month provide examples of the variety of risks that healthcare entities continue to battle."
The shocking news is that most of these data breaches have been due to the theft or loss of laptop and desktop computers. This could easily have been prevented with technology that is currently available and by also taking a more security-centric business focus
Most people are probably aware that permanently removed data go into a recycle bin but are still accessible. Even after being permanently removed, data can be easily recovered using a number of software tools, so it is not safe to just permanently remove confidential, personal, financial, healthcare files and any other information. permanently removed data are merely tagged as "permanently removed" but are not actually permanently removed. This, unfortunately, exposes an organization to possible non-compliance with data wiping policies, as well as endangering the safety of personal identifiable information in cases where a computer is hacked or stolen. To manage confidentiality of the data at the disposition stage, companies need to use a tool that removes data securely with no remaining traces left behind and still protects user data.
Having a proven data-wiping tool in place eliminates the possibility of an unwanted information leak. While most of a company's systems security is managed at the network and application level, securing laptops and desktops is still a gray area, hence the need for additional security measures at that level.
When companies dispose of old computers/laptops, they often donate, sell or trash them. If the data has not been correctly wiped from the hard drives, there could be a security breach.
Fortunately, there are data-wiping applications that can eliminate breaches in both cases. For old machines, companies can completely erase the hard drive before disposal. In the case of a stolen machine that has data-wiping software, companies can notify the data-wiping software provider who can then remove data securely from the specified drives on the machine when and if it is connected to the Internet.
To improve data wiping processes, companies should do the following:
Companies can ensure they are compliant with state and federal data-wiping laws by following simple risk management strategies that will allow them to avoid the risk of data breaches. To be successful, those strategies must include an enterprise-wide approach to data protection and destruction. Process, people and technology can negate the power of thieves.
Ramesh Devare is chief operating officer for, a provider of software to the financial services industry.
Secure data destruction tool now available to financial institutions
COLUMBIA, Md. - In a digital environment that has recently been under seize by viruses and hackers, IndiSoft's WipeOut offers the financial industry the protection of a secure data destruction application. WipeOut enables administrators with the proper credentials at banks and other financial institutions to use the tool to effectively and efficiently destroy client-sensitive data from hard drives in a secure environment. This allows them to protect consumers as well as comply with federal regulations that require banks to destroy data in a specific way. WipeOut ensures this requirement is effectively met.
Management at IndiSoft, an ISO certified organization, understands information security and WipeOut ensures securely remove unwanted data without leaving any traces.
"Financial institutions have such an important role in the lives of consumers as well as the health of the general economy that requires them to provide the peace of mind that sensitive information that is no longer needed is destroyed properly," said Keith Boyce, vice president of business development. "With WipeOut financial institutions can comply with federal regulations, protect consumers information and now have the option of recycling the hardware to the communities they serve."
WipeOut is patented technology that features a secure log of when it is accessed by users so system administrators can determine and review what is being erased, when and by whom. Users can properly remove sensitive data that is no longer needed from the hard drive of a server, PC or laptop, which then can be donated, all while knowing no customer information still remains active or accessible.