Controlled information destruction: the final frontier in preserving information security for every organisation

Information security represents the cornerstone of every data processing system which resides in an organization’s trusted network, implementing all necessary protocols, mechanisms and policies to be one step ahead of possible threats. Starting from the need to strengthen the set of security services, in this paper we introduce a new and innovative process, named Controlled Information Destruction that is meant to secure sensitive data that are no longer needed for the organization’s future purposes but would be very damaging if revealed. The disposal of this type of data has to be controlled carefully in order to delete not only the information itself but also all its splinters spread throughout the network, thus denying any possibility of recovering the information after its alleged destruction. This process leads to a modified model of information assurance and also reconfigures the architecture of any information security management system. The scheme we envisioned relies on a reshaped information lifecycle which reveals the impact of the controlled information destruction procedure directly upon the information states.