Today, media-devices are less normal than they were a few years prior, on the grounds that the present pattern is the cloud, despite the fact that there are still many individuals utilizing pen drives, outer hard drives, and so on. All the information in the cloud is eventually put away on a server, i.e., its hard circle, which is likewise a media gadget. As you will see later in the article, media gadgets should be discarded safely.
ISO 27001 Certification Service in Kuwait is an international standard for the protection of information, and we will see how this standard can help us with the disposal of media devices.
What are the media?
Taking into consideration that, in ISO 27001 Consultant in Hyderabad is an international standard, the most important thing is the information, we need to take care of the media that we are using the store information. But, what do I mean by “media”?
For the most of the part, in this unique situation, a medium is a gadget that is utilized for putting away data, so media would incorporate hard drives is USB pen drives, outside hard drives, CDs, DVDs, and so on.
Confidential information
A lot of organizations have a method for the classification of their information, because not all media have the same information, and not all of the information has the same value for the business. For example, there is a big difference between a USB pen drive containing a PDF file with a presentation of the business (which can be considered as public information), and a USB pen drive containing the organization’s database of customers (which can be considered as confidential).
We should see a simple model about how to treat this hazard. You have a benefit, which is, for instance, a hard drive containing classified data about the business. This hard drive was introduced on a data framework (a server), however the you chose to move data to another data framework, e.g., to another server or to the cloud. This unique hard drive will be to utilized the for another reason and, subsequent to replicating all information, you have to deal with the first data, which ought not be gotten to by unapproved individuals.
For the treatment of this hazard, you can lessen it by actualizing ISO 27001 Certification in Nigeria control A.8.3.2 Disposal of media security control, and here are some basic approaches to execute this security control:
Physically destroy the media:
You can do this, for example, by incineration or shredding, etc. This is physical destruction is also applicable to the damaged devices. But, be careful, to because a damaged media device can also have to sensitive information that could be restored, so to avoid this, you should destroy it physically.
Securely erase the information:
There are programming apparatuses that the you can use to overwrite the information, or to erase it in a protected manner.
Select an outer gathering:
There are many number of organizations giving the administration of demolition of your media, however the here you have to take care with the is determination of the supplier by characterizing a non-divulgence agreement.
Avoid the aggregation effect:
It is better if you avoid having a lot of media to containing non-sensitive information, is because something within the group could become sensitive information.
Register the disposal:
Registering that the disposal provides you with useful the information for audit trails (what media has been destroyed, or what media is reusable, etc.).
My preferred method
I have left the best for the end, that because now you know the common ways for the disposal of media, but now I will tell you about my favorite methods.
As Lead Auditor, I have audited a lot of organizations around the world, and I have to see organizations deleting information and disposing of information using private software solutions, which, in some cases, are expensive. In other cases, some companies are selecting external providers that are experts in the service of disposal, but this also has a cost.
My preferred method is easy and free:
- Encrypt the whole hard plate, utilizing a solid calculation and utilizing as an extensive secret words.
- Delete all the information in a secure way, the using software solutions (there are a lot of free solutions).
- Delete all the information in a protected manner, utilizing the programming arrangements (there are a great deal of free arrangements).
- Physically destroy that the media device (incineration or shredding, etc.).
In reality, the method would only be applicable to the most critical and sensitive information, and for data with less criticality, only one of these methods will be enough.
Contact us:
How to get ISO 27001 Certification in Mysore? You can contact us at contact@certvalue.com or visit our official site at certvalue.com we are top ISO Certification Consultant service in India, Kuwait, Malaysia, Italy, Saudi Arabia, Australia, Afghanistan, Lebanon, Yemen, New Zealand, Iraq, Iran, Qatar, Oman, Singapore, Philippines, e.t.c. To get about this capacity in helping your association get to ensure. ISO 27001 Consultants in Egypt will provide the best available plan in the market, you always feel free to contact us.