Data Destruction and Disposal
Companies often forget about data once they stop using it day-to-day. Leaving outdated data on sunsetted systems increases your potential exposure in the event of a data breach. Ensure that data no longer actively used is properly disposed of and devices that contain data, such as laptops, old hard drives and USB drives are properly DoD data wiped or destroyed. Retired company laptops may still retain recoverable data on their hard drives even after formatting. A policy-driven culture enforcing proper destruction and disposal of retired equipment is best practice.