Defense in Depth: Data Destruction

How do you deal with data at end of life? Holding onto data too long can be very costly and increase risk. So how do you get rid of it… safely?

Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, guest co-host Shawn Bowen, CISO, Restaurant Brands International (RBI), and our sponsored guest, Frank Milia, partner, (@ITAssetRecvry), IT Asset Management Group.

Thanks to this week’s podcast sponsor, IT Asset Management Group

IT Asset Management Group
Poorly managed IT asset disposal, lack of due diligence, and a disposal program without clearly defined responsible parties has now resulted in millions of dollars in regulatory penalties.  Is it clear who is responsible for the performance of your data disposition practice?   IT Asset Management Group’s free program guide includes tips for establishing stakeholders at your organization and expectations for all practitioners.      
Download the program guide today at

Got feedback? Join the conversation on LinkedIn.

In this episode

  • Is the risk of holding onto data greater than the value of keeping it?
  • Should client data be considered a “toxic byproduct”?
  • When disposing of client data, how much destruction is enough?
  • What legal and regulatory requirements should be considered before destroying data?

Defense in Depth