CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [234]
Many organizations have mountains of information that needs to be classified. Many have implemented automatic downgrading policies for information; these policies may indicate a length of time that information must be retained or reviewed. The review can determine whether the information must be retained or can be disposed of. This process can significantly reduce the amount of information that requires special storage in an organization.
The U.S. government implemented an automatic declassification system several years ago, and it has saved the government billions of dollars in storage and security costs.
Information Retention and Storage Policies
Information retention and storage policies deal with how information is stored, how long it’s retained, and any other significant considerations. These policies should identify who owns certain types of information.
One of the biggest problems facing larger facilities is the amount of data that is backed up and stored. Information organization, data library capabilities, and good operational procedures can help make this task manageable.
Schools and similar organizations are required to keep certain information, such as transcripts, forever. The information retention problems associated with these types of situations can be overwhelming for some organizations. The University of Washington in Seattle had to convert a large underground parking garage into a storage facility for student records. The university has the transcript of every student who has attended since it opened over 100 years ago.
Information Destruction Policies
Information destruction policies define how information is destroyed when it has reached the end of its useful life. The elimination of unneeded paper and other confidential files is a big job for many organizations.
Paper documents containing sensitive information should be shredded or incinerated when they’re no longer needed. Doing so reduces the likelihood that this information will wind up in the wrong hands.
When computer systems are retired, the disk drives should be zeroed out and all magnetic media should be degaussed. Degaussing involves applying a strong magnetic field to initialize the media (this is also referred to as disk wiping). Erasing files on a computer system doesn’t guarantee that the information isn’t still on the disk; a low-level format can be performed on the system, or a utility can be used to completely wipe the disk clean. This process helps ensure that information doesn’t fall into the wrong hands.
The low-level format returns a disk drive or other magnetic media back to the state it was in when it was brand new. The process physically rewrites every location on the disk back to its original state. Windows and DOS systems can use a program called FISK to perform this task. Most disk manufacturers either provide utilities to accomplish this or can recommend what tools to use. You should verify the procedures and settings for a low-level format from the disk manufacturer because incorrect settings can cause a disk drive to work unreliably or become extremely slow.
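The point that erasing a file leaves its contents on the disk, and that zeroing out removes them, can be checked on a small disk image. The following is an added example, not part of the original book; the function names, the toy image layout (a one-byte directory flag followed by file data at offset 4096) and the sample record are all constructed for illustration.

```python
import mmap
import os
import tempfile

CHUNK = 64 * 1024
RECORD = b"PAYROLL-RECORD constructed sample data"  # constructed, not real data

def find_bytes(path, needle):
    """Search an image file for leftover content; return its offset or None."""
    with open(path, "rb") as f, mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as m:
        hit = m.find(needle)
        return None if hit == -1 else hit

def zero_fill(path):
    """Overwrite every byte with zeros and flush to the medium; return bytes written."""
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)  # size of the image being wiped
        f.seek(0)
        done = 0
        while done < size:
            done += f.write(bytes(min(CHUNK, size - done)))
        f.flush()
        os.fsync(f.fileno())  # do not leave the zeros sitting in the OS cache
    return done

def first_nonzero(path):
    """Verification pass: offset of the first non-zero byte, or None if clean."""
    offset = 0
    with open(path, "rb") as f:
        while buf := f.read(CHUNK):
            rest = buf.lstrip(b"\x00")
            if rest:
                return offset + len(buf) - len(rest)
            offset += len(buf)
    return None

def demo():
    """Delete a file the ordinary way, then wipe; report what survives each step."""
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "disk.img")
        with open(img, "wb") as f:  # constructed toy image: flag byte, then file data
            f.write(b"P" + bytes(4095) + RECORD + bytes(60000))
        with open(img, "r+b") as f:  # ordinary delete: only the entry is flagged free
            f.write(b"\xe5")
        after_delete = find_bytes(img, RECORD)
        zero_fill(img)
        return after_delete, find_bytes(img, RECORD), first_nonzero(img)

if __name__ == "__main__":
    print(demo())
```

The overwrite goes through the operating system, so it covers only the sectors the drive exposes; for whole-drive sanitization the manufacturer utilities mentioned above remain the reference.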
Real World Scenario
Selling Your Old Computers
Recently, a company decided that it needed to close its doors and go out of business. It had an extensive inventory of computer equipment and licensed software, so it decided to hold a “going out of business sale” on the computer equipment. The company merely deleted sensitive information from the systems it sold; it left the operating systems installed. When the sale was announced, the company received a nasty letter from one of the large software manufacturers saying that it was in violation of the End User License Agreement (EULA). It had to remove the operating systems from all the computers in order to comply. The company could sell the computers, and it could sell the operating systems media separately, but it could not sell them together.
Within a computer—be it a workstation or server—there exists