In contemporary computer systems and networking, computer users access data that is stored and managed in a variety of storage configurations, including traditional on-premise environments and in data server center environments. Such data may be subject to theft or tampering. For instance, it is possible for disks to be mishandled during decommissioning and it is also possible for malware and spyware to be installed on the storage devices or host system.
Physical access to an organization's secure areas, equipment, or materials containing sensitive data make it possible for a malicious insider to steal or damage the stored data. For example, a janitor or other building contractor may steal physical disks, other storage devices or even an entire computer system. Further, beyond physical theft and/or mishandling of the storage hardware, an operating system may be implanted with malicious software by unauthorized personnel that have physical access to the storage media. Malicious software could infiltrate or destroy data, or maintain persistent unauthorized access, amongst other problems.
Additionally, in computer networking, a hacker may manipulate the normal behavior of network connections and connected systems. Hackers may use scripts or other software to attack computer networks, manipulating data passing through a network connection in ways designed to obtain more information about the target system or obtain access to the data. According to some estimates, there are over one million new unique malware samples discovered each year. Unlike worms and mass-mailers of the past, many new viruses are extremely targeted to particular industries, companies and even users, making them more difficult to detect and prevent.
Most computer systems are eventually cycled out of service. However, sensitive data often remains on the storage devices of these systems. Sometimes, that computer or storage device is recycled, resold, left to collect dust in a closet, or can fall into a malicious person's hand. There are several popular methods that companies use to remove data from decommissioned storage devices. However, deleting data with the operating system may only remove pointers to the data, not the data itself, so the data can actually still be recovered. Other processes for removing the data can be bulky, time consuming to use, expensive and dangerous, and in the end, the data may still be readable.
Accordingly, there is an ongoing need to provide methods for adding security to data that is maintained on storage devices, particularly for storage devices that are susceptible to theft and/or tampering.