Although 49 percent of businesses say they employ some sort of policied data erasure system, 75 percent of those do not erase data securely, finds Kroll Ontrack in their new global survey.
The poll on data wiping practices found fewer than 50 percent of businesses regularly use a process of erasing sensitive information from old computers and hard drives.
Most of the businesses that do deploy some type of data erasure do not do so securely, Kroll found.
This exposes most organizations to data breaches, which affect businesses at least once per year, according to another Kroll study, the 2010 Kroll Ontrack Annual ESI Trends Survey.
In recent years, a handful of researchers have reported that breaches of this kind can cause enterprises to spend millions of dollars on repairs, litigation, and lost productivity.
The survey queried more than 1,500 respondents from 12 nations across North America, Europe, and the Asian Pacific rim regarding their data wiping procedures.
The report also found that 40 percent of businesses gave away their hard drive to another person, and 22 percent say they do not know where their old computer went.
Deleting files from a hard drive only categorizes the files to be rewritten, which does not necessarily happen, says Kroll executive Jim Reinert.
"Furthermore, reformatting the drive only removes the entries in the index or table of contents that point to the data," he notes.
"And, physically destroying a drive is not a guaranteed method of protection, as Kroll Ontrack has been recovering data from severely damaged drives, such as the Columbia space shuttle, for more than 25 years."