In this exclusive interview, Mr. Manoj Dhingra, Co-Founder & Director – Domestic Business, Stellar Information Technology Pvt. Ltd., shares his insights on the growing importance of certified data erasure, compliance under the DPDP Act, and responsible IT asset disposition. He discusses how organizations can strengthen data governance, reduce cyber risks, and leverage solutions like BitRaser to achieve secure, audit-ready data sanitization while supporting sustainability and operational efficiency.
IT Voice- With India’s Digital Personal Data Protection (DPDP) Act gaining momentum, how do you see organizations reshaping their data management and compliance strategies?
Manoj Dhingra- The DPDP Act is pushing organizations to move from reactive compliance to proactive data governance. Businesses are now focusing on knowing where sensitive data resides, how long it is retained, and when it should be securely erased. We are seeing enterprises adopt stricter data lifecycle management policies, automated retention controls, and auditable data erasure processes. For example, a BFSI organization retiring employee laptops can no longer rely on manual deletion or formatting. They need certified erasure with tamper-proof audit trails to demonstrate compliance and reduce breach risks.
IT Voice- What are the biggest challenges enterprises face today in securely erasing sensitive data across hybrid IT environments?
Manoj Dhingra- The biggest challenge enterprises face today is the lack of visibility and control over data spread across increasingly complex IT environments. Sensitive information is no longer confined to corporate data centers—it exists across employee laptops, remote endpoints, cloud platforms, virtual machines, mobile devices, and backup repositories.
The second challenge is ensuring consistency. Different storage technologies require different sanitization approaches, and many organizations still rely on manual processes that are difficult to scale and audit. As a result, data often remains exposed on retired, reassigned, or decommissioned assets.
Another critical challenge is compliance. Regulators and customers need a proof that sensitive information has been permanently erased through verifiable reports and audit trails.
For example, securely sanitizing NVMe SSDs, virtual assets, and cloud storage requires different techniques than traditional HDDs. Legacy methods like overwriting often fail in these modern environments.
IT Voice- How is BitRaser helping businesses address growing concerns around data privacy, compliance, and secure data disposal?
Manoj Dhingra- BitRaser enables organizations to securely sanitize data across laptops, desktops, servers, Mac, external storage devices, virtual environments, and mobile devices, ensuring that sensitive information is permanently removed before assets are reused, redeployed, resold, or retired.
What differentiates BitRaser is its ability to combine secure data erasure with compliance assurance. Every erasure operation is backed by a detailed tamper-proof audit report, and digitally signed certificates, providing organizations with verifiable proof of compliance.
Our solutions support globally recognized standards and guidelines, including NIST 800-88, IEEE 2883:2022, US DoD 5220.22, and other international data sanitization algorithms. This helps enterprises meet regulatory requirements, pass compliance audits, reduce the risk of data breaches, and support sustainable IT asset disposition practices.
IT Voice- In your view, how important is certified data erasure in sectors like BFSI, healthcare, government, and education?
Manoj Dhingra- Certified data erasure is critical for sectors such as BFSI, healthcare, government, insurance, and education because they manage some of the most sensitive personal, financial, and confidential information. A single data breach incident can lead to significant financial losses, reputational damage, regulatory penalties, and loss of stakeholder trust. The cost of improper data disposal can be enormous.
In healthcare, retired devices may contain Protected Health Information (PHI), making compliance with regulations and frameworks such as HIPAA and HITRUST essential. In the BFSI and insurance sectors, decommissioned systems often store customer financial records, policyholder information, payment data, and personally identifiable information (PII), which are subject to stringent regulatory and data protection requirements. Government agencies handle citizen records, national security information, and public service data, while educational institutions store student records, research data, and personal information.
Morgan Stanley’s failure to securely sanitize retired storage assets ultimately led to regulatory penalties and settlements exceeding $150 million, highlighting why certified data erasure is now a board-level risk management and compliance priority.
Certified data erasure ensures that sensitive data is permanently and irretrievably removed in accordance with globally recognized standards. Equally important, it provides a verifiable audit trail and certificate of erasure, enabling organizations to demonstrate compliance, strengthen governance, mitigate breach risks, and maintain the trust of customers, patients, citizens, and students.
IT Voice- As data volumes continue to grow rapidly, what role does automation play in modern data processing and sanitization workflows?
Manoj Dhingra- Automation has become essential. Manual data sanitization processes are time-consuming, error-prone, and difficult to scale. Automated customized workflows with ‘no-click’ erasure help organizations erase data faster, enforce policies consistently, and maintain centralized audit logs. For example, enterprises can automate erasure verification and report across thousands of endpoints during device refresh cycles. They can customize BitRaser Drive Eraser app in a way that no human interference is required post deployment. The application can be deployed via the PXE boot on a network to wipe connected machines and save the erasure report centrally in the cloud. Further all company locations can deploy same standard of erasure to be compliant to NIST guidelines as an example.
Automation also improves operational efficiency by reducing turnaround time in ITAD and device redeployment processes.
IT Voice- What trends are you observing in India regarding data lifecycle management and responsible IT asset disposition (ITAD)?
Manoj Dhingra- India is witnessing a strong shift toward sustainable and compliance-driven ITAD practices. Organizations are increasingly prioritizing device reuse and refurbishment over physical destruction. There is also growing awareness that physical shredding destroys asset value and contributes to e-waste, whereas certified data erasure enables safe reuse and supports ESG goals.
Another major trend is the demand for audit-ready reporting and compliance documentation as organizations prepare for stricter regulatory oversight under laws like the DPDP Act. Even ISO 27001 mandates safely removing data from assets that are reallocated within the organization or sent for disposal. Record of data destruction is to be maintained here too.
IT Voice- How can organizations balance operational efficiency with stricter data protection and governance requirements?
Manoj Dhingra- Organizations often view data protection and governance as obstacles to productivity, but the most successful enterprises treat them as enablers of operational excellence. The goal is not to add more controls—it’s to embed security, privacy, and compliance into everyday business processes.
By enabling data classification, data retention, access controls, and secure data sanitization, organizations can strengthen compliance while reducing operational overhead. Equally important is adopting a risk-based approach. Not all data carries the same level of sensitivity, and governance efforts should focus on protecting the most critical assets without creating unnecessary friction for employees and business operations.
For example, when organizations automate the sanitization of end-of-life IT assets and generate audit-ready reports as part of the workflow, they eliminate manual effort, reduce compliance risks, accelerate asset disposition, and maximize asset recovery value. In today’s regulatory environment, operational efficiency and data governance should no longer be viewed as competing priorities—they must work together as part of a unified strategy.
IT Voice- With increasing cyber threats and data breaches, what preventive measures should enterprises prioritize in 2026?
Manoj Dhingra- Enterprises should prioritize a zero-trust security approach, stronger endpoint security, data minimization, and secure data disposal practices. One overlooked risk is residual data on retired or reassigned devices. Even advanced cybersecurity controls become ineffective if sensitive data remains accessible on old assets.
Organizations should therefore focus on employee awareness, continuous monitoring, and regular compliance audits to strengthen overall resilience.
IT Voice- Looking ahead, what innovations or strategic priorities can we expect from BitRaser in the domain of secure data erasure and compliance solutions?
Manoj Dhingra- As data privacy regulations evolve and IT environments become more complex, BitRaser is focused on advancing automation, scalability, and compliance-driven data erasure. Our priorities include expanding support for erasing emerging storage technologies like Shingled Magnetic Drives, LUNs, Network Switches, Routers etc. Alongside we wish to enhance the user experience and management of reports in our cloud console. We wish to integrate BitRaser with almost all IT asset management software using our portable API. Further, our ESG report will help organizations showcase their contribution to saving CO2 equivalent emissions by erasing data and promoting device reuse.
