Destroying hard drives and tape-based media to protect sensitive customer and corporate information seems fairly straightforward. Yet, personnel and workflow issues regularly complicate the process of data destruction. Is RFID the solution to ensuring data media are securely and effectively destroyed?
Whenever data drives are destroyed, the entire process must be documented in a retrievable format for auditing purposes. Media ID, date, agents, witnesses, and other information can be used to resolve anomalies.
The workflow processes of pulling data media and staging them for destruction requires multiple steps, and each step must be tracked.Roles and privileges must be set for each person to limit access for destruction actions.
As an example, roles may be: enrolling data media for destruction, validating media for destruction hand-off, administrative access to reconcile anomalies, and read access for auditing and verification. In addition to action roles, observers should be included by scanning employee badges to ensure witnesses are properly attached to the process.
Under normal conditions, media are logged and handed off for destruction. On rare occasions, administrators need a way to resolve anomalies created due to processing mistakes or unanticipated scenarios.
EnaSys asset tracking provides a specific workflow interface for enrolling media for destruction:
- Roles limit user access to each workflow
- Multiple location access can be limited by individual security levels
- Users are tracked and given security access via Active Directory login
- Database access is controlled via Active Directory login
- Every event is tracked for future reporting
- Observers can be added to the destruction workflow by scanning their ID badge
- Read-only access is available for auditor reports
- Administrators have full editing access
- Notes and pictures can be attached to individual media records describing anomalies
- The workflow is optimized for the destruction process
Groups tasked with destroying media need a secure process that is optimized for their workflow. This process should also limit data entry, which can be cumbersome, while at the same time providing detailed events for auditors. EnaSys media destruction protocol bridges the gap between optimized work in the field and tracking critical details for reporting. With a few clicks, everyone gets what they need.