According to sensitive data specialists Ground Labs, the delete key is fast becoming redundant. Partially deleted files or those hidden in automatic backups known as ‘shadow copies’ are providing cyber criminals with easy access to valuable, often unmonitored caches of customer data.
In the past twelve months, Ground Labs has identified files such as birth dates and card numbers that were ‘thought to be deleted’ in 92% of interactions with UK companies – from major retailers to banks and service organisations.
“Consumers assume that the technology employed in businesses goes far beyond the traditional delete key.” said John Cassidy, VP EMEA, Ground Labs. “Whilst this tends to be true, in reality, most organisations do not have a complete picture of where your data is stored and delete on the basis of what is immediately visible. This means that copies, backups and data stored in unusual formats, can circumvent the deletion process altogether.”
The EU’s General Data Protection Regulation (GDPR) is due to come into force in 2018. The new data compliance rules will incur severe penalties (up to 4% of worldwide turnover or €20million) for any organisation found to be in breach of these rules which includes the inappropriate storage of information. Despite Britain’s decision to leave the EU, UK companies with customers within the EU will need to ensure that they are GDPR compliant if they want to continue trading with those customers.
As well holding information on their current customers, many organisations continue to hold details of former customers for up to 3 years.
Cassidy added: “In many cases, storing old data is convenient for both the customer and the organisation as it is easier to locate their records, should the customer return. However it is important that customers are aware of these ‘data shadows’ and do not be tricked into thinking that their data is instantly deleted once they move their custom to a different company.”
Whilst Ground Labs specialises in advising large organisations on how to manage sensitive data, they do have some recommendations for consumers at home.
In June, Ground Labs launched new software called Enterprise Recon 2. The platform can be deployed within hours to hunt down more than 100 types of personal information then safely isolate and delete if necessary. Importantly, it enables employees to search files previously considered difficult to catalogue such as scanned images and audio recordings.
James Horne | 0203 701 7660