#Cybersecurity
#Digital
30/03/2023
On Thursday, February 9th, our event on the data lifecycle took place in collaboration with Streff, a specialist in data archiving, storage, digitization, and data destruction. The purpose of this conference was to explore the various key stages in the life of data, from its creation to its destruction. Corinne Berlocher, Sales Director at Streff, and Eric Preud’homme, Product Manager at Rcube, shared their knowledge and insights during this presentation.
To understand the process properly, it’s important to keep in mind that there are two different types of data: physical data and digital data.
Data is crucial to a company’s operations. Once archived, it is stored for a defined period based on associated regulations.
To optimize office space, archives can be entrusted to professionals who adhere to security standards (archives are organized based on their nature and/or legal regulations, such as personal data).
Upon the client’s request, Streff initiates the data destruction process. This renders the data unusable, ensuring the strictest confidentiality for the client.
The destruction process is governed by well-defined rules:
Physical destruction applies to both paper documents and all electronic or IT equipment, such as hard drives, USB drives, etc. The waste generated by this destruction is subsequently processed by accredited recycling centers, always with an emphasis on Corporate Social Responsibility (CSR).
Data generated by information technology must also be managed for several reasons:
When data is created, it remains the intellectual property of the organization and the client relationship.
This data must be stored confidentially using strict data redundancy and security strategies. To mitigate any risk of loss, data recovery plans in the event of failures or disasters are applied. Companies define periods during which they can operate without data; these are known as Recovery Time Objectives (RTO), Recovery Point Objectives (RPO), and Decision Time Objectives (DTO).
Specific regulations, as defined by organizations like the regulator, insurance commissioners, or medical boards, must, of course, be considered and adhered to.
Once used, data is viewed, processed, and shared among employees, executives, and board members. This usage phase is the most vulnerable, making it essential for data to be transported to a secure location, and for education and notification procedures to be implemented. This minimizes the risk of data leakage, which could have serious consequences for the concerned organization.
The implementation of proven data sharing solutions is essential to ensure that data is accessible and shared among authorized individuals. For example, the solution offered and hosted by Rcarré-Rcube, Rfile, is based on the Oodrive tool.
Like physical data, digital data has a limited lifespan defined by national laws and industry regulations. The archiving of such data can be done through PSDC (Common Security and Defense Policy) accredited providers.
Regarding data destruction, which is necessary for IT equipment reuse, certified data erasure, donation, or to ensure a certain level of confidentiality, certified software used by global organizations (NASA) can be employed. This is the case with the Blancco solution, a partner of Rcarré-Rcube.
In summary, the data lifecycle must adhere to strict rules to ensure complete confidentiality for the client. Clients must feel that their documents are secure and not fear data leakage. Once data is destroyed, it completes its cycle, and the process begins anew… with new data!
Learn more about data archiving and storage