The Importance of Deleting Old Stuff—Another Lesson From the Sony Attack
I don’t always agree with Bruce, but here’s one area where we are in complete concordance. Please don’t keep useless but potentially damning data around just to have it… *
Thousands of articles have called the December attack against Sony Pictures a wake-up call to industry. Regardless of whether the attacker was the North Korean government, a disgruntled former employee, or a group of random hackers, the attack showed how vulnerable a large organization can be and how devastating the publication of its private correspondence, proprietary data, and intellectual property can be.
But while companies are supposed to learn that they need to improve their security against attack, there’s another equally important but much less discussed lesson here: companies should have an aggressive deletion policy.
One of the social trends of the computerization of our business and social communications tools is the loss of the ephemeral. Things we used to say in person or on the phone we now say in e-mail, by text message, or on social networking platforms. Memos we used to read and then throw away now remain in our digital archives. Big data initiatives mean that we’re saving everything we can about our customers on the remote chance that it might be useful later.
More: The Importance of Deleting Old Stuff—Another Lesson From the Sony Attack
*ok so you are anal and you just gotsta gotsta keep it — burn it to dvd and stick it in a vault if you have to, but keep it completely off of media that can be accessed with less than physical actions and physical security. Destroy all records that it exists in whatever format while you are at it. Even at that, if you get hit by a truck, someone’s still going to find it.