Data Remanence in Storage Clouds
What is this? Is it necessary? How is it applicable to the cloud? Should I be bothered? I had all these questions in mind when I started looking around to understand its importance, even more so in public storage clouds.
Data remanence is very often referred to as secure delete, secure purging, etc. In layman's language, it is deleting your content permanently from disks such that there is remote to no possibility for a malicious user (having access to the disk which contained your data) to retrieve the data. In generic terms, the implementation involves overwriting the files with a given sequence a given number of times before they are deleted.
In other words,
"When documents expire and are deleted (but not securely deleted) and if a malicious user gets access to the disk or if disks are, say, physically stolen, the chances of extracting the data back are high.
Adhering to Department of Defense (DOD) specification 5220.22M, deleted data on disk drives is erased within the system and an auditable record of data erasure is provided to the customer."
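The overwrite-then-delete procedure described above, together with the audit record the quoted text mentions, as an added example that is not part of the original post. The three-pass sequence (0x00, 0xFF, random) and all function names are assumptions, and the code assumes a local filesystem that overwrites blocks in place, which SSDs, copy-on-write filesystems and cloud object stores do not guarantee.

```python
import hashlib
import os
import time

# Assumed pass sequence: a fixed byte, its complement, then random (None).
PASSES = (b"\x00", b"\xff", None)
CHUNK = 64 * 1024


def overwrite_pass(fd, size, pattern):
    """Overwrite bytes [0, size) with `pattern` and flush them to the device."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        remaining -= os.write(fd, os.urandom(n) if pattern is None else pattern * n)
    os.fsync(fd)  # without this the pass may only reach the page cache


def verify_pass(fd, size, pattern):
    """Read the file back and confirm every byte equals `pattern`."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        block = os.read(fd, min(CHUNK, remaining))
        if not block or block != pattern * len(block):
            return False
        remaining -= len(block)
    return True


def secure_delete(path, passes=PASSES):
    """Overwrite `path` once per pass, unlink it, and return an audit record."""
    size = os.path.getsize(path)
    record = {"path_sha256": hashlib.sha256(os.path.abspath(path).encode()).hexdigest(),
              "bytes": size, "started": time.time(), "passes": []}
    fd = os.open(path, os.O_RDWR)
    try:
        for number, pattern in enumerate(passes, 1):
            overwrite_pass(fd, size, pattern)
            # Random passes cannot be compared to a pattern; record them as unverified.
            verified = None if pattern is None else verify_pass(fd, size, pattern)
            if verified is False:
                raise OSError(f"pass {number} read-back mismatch on {path}")
            record["passes"].append({"pass": number, "verified": verified,
                                     "pattern": pattern.hex() if pattern else "random"})
    finally:
        os.close(fd)
    os.remove(path)
    record.update(removed=not os.path.exists(path), finished=time.time())
    return record
```

The returned dictionary can be serialized and stored as the erasure record; it identifies the file by a hash of its path rather than by the path itself.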
So clearly one can see its usage in the healthcare industry to help adhere to regulatory compliance requirements like HIPAA, in the financial sector, and in federal and defense applications. But does a regular user need this, or need to be aware of it?
My answer is: yes. As the cloud becomes more popular, storing personal and private data on public storage clouds will be common. When I store my data in a cloud, I have no control over the disk on which the data is stored. So when I delete my files with sensitive data from the cloud, will they be securely deleted? I understand that it is a challenge even to confirm that a file has actually been deleted, let alone securely deleted, but that's another story which can be blogged about separately.
So in summary, storage clouds should provide a means for end users to securely delete the data they want to classify as private and which they keep in the cloud. I understand that secure deletion will come at a computational cost for the clouds, but since security is a handling problem with public clouds, one might as well do it. What say?
Here are a few tools:
Alternatively, use the following to always store data in encrypted format on the cloud.