How to Securely Purge Highly Sensitive Files with Panzura Secure Erase
21 September 2021All, Digital Transformation, IT Services, Panzura
Most computer users today are aware that just because you erase a file, that doesn’t mean it’s really gone.
If your documents are subject to strict data security and management, you are most likely required to remove all traces of highly sensitive files when they are being deleted – also referred to as “data wipe.” If so, you need a way to delete those files and folders so the contents can’t be restored, even when using the most advanced technology available. In fact, often it’s not only all versions of the specified files and folders that need to be erased, but the associated objects stored in the cloud as well. For your sensitive files, disposition and decisions to erase occur throughout the files’ lifecycles up to their end-of-life.
One event that spurred the need to completely erase data was the reclassification of the security status of certain files by the Department of Justice. In other cases, classified files may have mistakenly been stored in shared access and needed to be removed.
To help with data erasure decisions, the National Institute of Standards and Technology (NIST) Computer Security Divisionhas published recommendations for purging data in its Publication 800-88. These guidelines for media sanitization provide guidance on practical sanitization decisions based on categories of confidentiality. The media sanitization is intended to make it infeasible to gain access to the deleted data.
While there are options for software applications that provide media sanitation, the most complete data erasure method available, except for physically destroying the storage media itself, is Panzura Secure Erase.
The steps for using Secure Erase include:
1. Specify the file or directory name to remove.
2. Select a date for deletion or choose “Now”for immediate deletion.
3. Click Eraseto activate the delete operation.
4. Report generation will show deleted files.
Panzura enables the user to manage snapshot settings in the CloudFS that specify when files “age out.” Secure Erase can be used with any supported cloud provider and is especially helpful in cases of erasing large quantities of data.
To free up memory and CPU performance, Secure Erase operations can be scheduled up to seven days in advance.
Proof of Purge
When the snapshots reach their end-of-life and are deleted by the administrator, no trace of the file/folder will exist anywhere within the CloudFS. This is verified by a log file. The log file can be downloaded from the web user interface when administrators need to provide documented proof of the erasure, a step recommended by the NIST guidelines. rase is a licensed feature
The Secure Erase report also details the steps that were taken to remove the data from the cloud and provides a list of all files that have already been deleted. After the report is downloaded, the report contents can also be erased from the system.
To find out more about using Panzura Secure Erase, reach out to the experts of the Applied Software Digital Transformation Team and start a conversation with one of the Panzura experts.