CYFOR Blog

Targeted Data Deletion enables the complete erasure of confidential and sensitive data from computers and mobile phones.

Have you found an individual to be in possession of company data that they are not authorised to hold? Does your company need to securely delete a targeted set of data to comply with regulatory demands? Perhaps you have left a company, yet still hold company data and online account credentials, and want your device purged with a forensic report provided as proof. 

Our digital forensic experts can erase any traces of confidential data from digital devices to provide you with peace of mind. Whether you are an individual, a small business or a large corporation dealing with sensitive information, you want to know what data you hold, where it is and who has access to it.

Targeted Data Deletion on Digital Devices 

People are often unaware that even when files are emptied from a recycle bin, they remain present in the ‘unallocated space’ of the device. The content of those files still exists on the drive until they are overwritten or destroyed. Whilst located in the unallocated space, data is still located where hackers and identity thieves with technical acumen and the right tools can readily utilise it for their own personal gain. 

CYFOR offer a comprehensive, forensic deletion process adhering to the British HMG IS5 (Enhanced) standard of deletion. We run our deletion process three times over for complete certainty.

We often undertake secure deletion exercises as a result of our Corporate Investigations, which identify any unauthorised data and the related file path on the device. Testament to our service, clients often ask us to extend the scope of our work and perform any deletion and account disconnection that may follow. 

Why Should Companies Delete Data? 

The introduction of GDPR has brought targeted data deletion and erasure strategies to the forefront of corporate strategic thinking. Due to potentially punitive fines for non-compliance and responsibility for data protection now sitting with the senior leadership team, data governance is now firmly at the top of the business agenda within many organisations.

Organisations don’t always know where their data resides. Knowing about this issue and taking pragmatic steps to address it through data governance are two different things. Responding to subject access requests (SARs) for personal information is set to be a complex, time-consuming and expensive process. Under Article 17 of the GDPR, organisations must be able to prove that they can erase data effectively and permanently. Companies in both the private and public sectors need to prove that data is securely erased in line with the new guidelines and show that they are fully accountable for monitoring, reviewing and assessing relevant processing procedures.

Willingness to minimise data processing and unnecessary retention is necessary, as well as the incorporation of safeguards for all data-related activities. Many organisations are already viewing the GDPR as a reason to apply best practice management to their data storage strategies and there are several business benefits to putting an end-to-end erasure policy in place, and not simply just to comply with the revised European legislation.

Targeted Data Deletion vs Data Erasure 

The difference between deletion and erasure is often misunderstood and sometimes thought to be the same. It is important for businesses to understand that if data is deleted it is recoverable but if it is erased properly it is irretrievable.