The impossible enterprise data security challenge
In my post last week, I described some of the basic challenges in ensuring that data you delete actually stays deleted. In the context of personal computers and removable drives, these concepts can be confusing for users but are usually fairly well understood by IT pros. But IT pros are often confused when deleting data in the context of storage virtualization in their data centers.
Virtualizing storage has been enormously popular for several years. It's no wonder, either: By abstracting the underlying storage medium from how it's presented to storage users, you can pull off really cool tricks. Thin provisioning, snapshots, SSD wear-leveling, and automated storage tiering are all possible thanks to storage virtualization.
However, all this progress has come at a cost to data security. You can no longer simply overwrite a disk with random garbage and assume that anything that had been on that disk has been effectively obscured, as you can on your PC. Instead, there are almost certainly leftover bits and pieces of that data floating around on your storage device.
If you want to be reasonably sure that someone won't come across sensitive data by accident, you can succeed without too much difficulty. But if you're looking for an iron-clad guarantee that sensitive data will never see the light of day, you'll find it can get substantially more complicated and in fact almost impossible without committing to a mammoth undertaking.
To continue reading, register here to become an Insider. It's FREE to join