Information-Centric Security and Data Erasure

Information-Centric Security and Data Erasure

The frightening reality is that storage remains insecure. ESG data suggests that 30% of users do not include storage infrastructure in their corporate security policies and procedures. While servers provide some storage protection, an inside attack could easily result in compliance issues, intellectual property theft or data corruption; all of which could be devastating. Further, the information and media on these systems are put at additional risk when these systems are routinely relocated, reallocated or serviced.

When it comes to fighting data breaches or complying with regulations, organizations must implement an information-centric security infrastructure -- one that protects confidential information, not just desktops, networks and servers. This type of approach has several key components:

  • Risk assessments and strong controls
  • Data classification
  • An information-centric security infrastructure

In this paper, ESG analysts Jon Oltsik and Heidi Biggar discuss the particulars of information security and data erasure, pointing out common misperceptions and overlooked problems -- and explaining why data deletion is not an adequate security measure. They also describe the components of an information-centric security infrastructure, best practices for data erasure and what to look for when retaining data erasure services.


Jon Oltsik Enterprise Strategy Group Heidi Biggar Enterprise Strategy Group
EMC Corporation
26 Sep 2006
01 Jul 2006
9 Page(s)
White Paper
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.