Securing storage
Erase it, completely!
When old disks are replaced, the data on these disks is erased before they are discarded.
This leaves open a potential security hole as sensitive enterprise information
can be recovered from supposedly blank disks using tools that are freely available.
Here's how you should protect your information.
by Arun Rawtani
Out of sight, out of mind. When storage systems are upgraded,
retired on account of proactive maintenance, reach the end of their lease, or
are re-purposed or re-sold, companies often delete the data on these disks and
then they are forgotten. Unfortunately, a tremendous amount of critical, confidential
and competitive information remains on those disks, and this information cannot
be erased by pressing 'delete.'
The existence of this data exposes competitive intelligence,
increases vulnerability to industrial espionage and litigation, and jeopardises
an organisation's compliance with corporate governance practices and government
and industry regulations protecting proprietary and confidential corporate,
customer, and patient information. For example, regulations such as DOD Pub.
5220.22-M, Sarbanes-Oxley and HIPAA require proof of secure erasure.
Consequently, it is vital that data is completely erased
and the erasure recorded to ensure that critical and confidential information
stays secure from accidental or malicious recovery. Done correctly, data removal
meets important compliance regulations and guidelines for erasing data such
as sensitive patient records or financial procedures.
Rationale for ensuring erasure
There are many reasons for completely and provably erasing
stored data, including:
- Data disposal and erasure has to conform to industry
and other regulatory requirements.
- Potential litigation, loss of intellectual property,
or financial loss can result from insecure data disposal.
- Information that isn't properly erased remains accessible
when storage systems are returned under lease, re-deployed, swapped or re-purposed.
- Corporate guidelines require data erasure and removal
of proprietary information prior to returning leased systems or re-purposing
storage systems.
- Some companies or industries require proof of data
erasure and overwrite levels.
- Companies have different data disposal standards
for different types of information.
- Some companies and industries require a three-pass
or greater overwrite process (recommended in DOD 5220.22-M level).
- Companies have strict security requirements to retain
all disks, and you need to secure them.
Wipe that disk clean
Most companies know how to implement security measures to
protect existing data. However, the options for safely and securely removing
data from a drive so that it cannot be retrieved are not nearly as advanced.
Common measures include one-pass overwrites, degaussing, physical destruction,
and physically storing old drives.
One-pass overwrites: Replacing data stored on hard disk drives
with a variable bit pattern of 1s and 0s effectively renders the data unrecoverable.
A single pass will successfully overwrite some of the data, but not all disk
sectors are visible to overwrite applications.
This can leave highly critical information perfectly intact.
Multiple passes yield better results, but the overwrite application must be
sophisticated enough to locate and overwrite hidden and damaged sectors, as
well as produce audit reports for compliance purposes.
Degaussing: Demagnetising to remove all data. Degaussing
can be effective, but it often leaves the disk drive unusable. This is not a
good thing if a company intends to re-purpose its drives. It is also not cost-effective
to degauss large numbers of high capacity disks in storage systems.
Destruction: Physically crushing and shredding drives is
very effective and can even be therapeutic for stressed-out IT professionals.
That said, the process is time-consuming, costly, and impractical for retiring
a large number of drives.
Storing old drives: Physically storing drives that have presumably
been erased before they are stored. It has been estimated that 85 percent of
business espionage crimes are inside jobs. Thus, this technique may make it
easier for employees to access retired drives to commit these crimes. Physical
storage does not meet most compliance regulations regarding erasure, nor does
it protect a firm in the event of litigation.
Best practices
The most efficient, cost-effective and compliant method of
erasing data is to completely overwrite the drive to render the data virtually
unrecoverable, and be able to report the procedure.
This is harder than it looks, especially when large and complex
storage systems are involved. Companies can assign service levels according
to the relative importance of the data, with more overwrite passes for critical
information. (Common overwrite levels go from three passes for non-critical
data up to seven for the most sensitive information.) Once done, the professional
service or erasure application should deliver an independent audit and written
proof of service completion.
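The following sketch is an added example, not code from the author or from any erasure product: it runs a multi-pass overwrite whose pass count depends on a service level, reads each pass back to verify it, and returns an audit record. The service-level names, the 0x00/0xFF/random pattern order, the record fields and the asset ID are assumptions made for illustration; the target is a constructed image file standing in for a retired disk.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

CHUNK = 1 << 20                                    # 1 MiB I/O unit
LEVELS = {"non-critical": 3, "most-sensitive": 7}  # pass counts from the article

def fill_for(n, total):
    """Alternate 0x00/0xFF, then finish with random data (None). Assumed order."""
    return None if n == total else (b"\x00" if n % 2 else b"\xff")

def run_pass(path, size, fill):
    """Overwrite `size` bytes in place; return SHA-256 of the data written."""
    digest = hashlib.sha256()
    with open(path, "r+b") as dev:
        for off in range(0, size, CHUNK):
            n = min(CHUNK, size - off)
            block = os.urandom(n) if fill is None else fill * n
            dev.write(block)
            digest.update(block)
        dev.flush()
        os.fsync(dev.fileno())                     # push the pass out of OS buffers
    return digest.hexdigest()

def read_back(path, size):
    """SHA-256 of the first `size` bytes as read back from the target."""
    digest = hashlib.sha256()
    with open(path, "rb") as dev:
        for off in range(0, size, CHUNK):
            digest.update(dev.read(min(CHUNK, size - off)))
    return digest.hexdigest()

def erase(path, level, asset_id):
    """Run every pass for the service level and return an audit record."""
    with open(path, "rb") as dev:
        size = dev.seek(0, os.SEEK_END)            # works for files and block devices
    total, passes = LEVELS[level], []
    for n in range(1, total + 1):
        fill = fill_for(n, total)
        written = run_pass(path, size, fill)
        passes.append({"pass": n, "pattern": fill.hex() if fill else "random",
                       "verified": read_back(path, size) == written})
    return {"asset": asset_id, "level": level, "bytes": size, "passes": passes,
            "all_verified": all(p["verified"] for p in passes),
            "completed_utc": datetime.now(timezone.utc).isoformat()}

if __name__ == "__main__":
    # Constructed sample: a ~3 MiB image file standing in for a retired disk.
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(b"PATIENT-RECORD-0001 " * 157286)
    print(json.dumps(erase(img.name, "non-critical", "ASSET-0001"), indent=2))
    os.unlink(img.name)
```

This only reaches the addressable region of the target, so hidden and damaged sectors of the kind mentioned under one-pass overwrites are outside what it can overwrite or attest to. The read-back may also be served from the operating system's cache rather than the media, which a production tool would need to bypass.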
Observing best practices in data erasure has a number of
benefits for security-conscious firms. Complete data erasure maximises compliance
measures by managing risk, ensures information in the lifecycle disposal phase
is really being disposed of, enables the utilisation and re-purposing of storage,
and lets IT professionals sleep at night knowing they have secured important
data on released storage assets.
Data erasure services
A number of hardware and software vendors provide data erasure services for the
PC market, but storage systems are ignored for the greater part. Due to the
sheer size and complexity of storage systems, efficient and complete data erasure
is beyond the capabilities of simpler methods. Managing data lifecycle from
creation through deletion includes making sure that data has actually been disposed of.
Storage system data erasure services can completely erase
data on storage assets and prove that they have done the job. Any secure data
erasure for storage systems should be able to handle the specific requirements
of storage assets, be available from highly-trusted professional services (for
complete security and audit purposes), erase multiple disks and frames concurrently,
have a flexible overwrite pattern for differing specifications, be delivered
at the customer location to increase security and eliminate delays, and provide
independent audit and documentation of data erasure.
While firewalls and other security measures protect data
at the front-end of the storage lifecycle, it is equally important to protect
data at the back-end. When it comes to returning, reselling, re-purposing, trading,
or swapping out storage assets, companies need secure and complete data erasure
to meet corporate governance, industry specification, and government mandates.
Reliable and proven data erasure services dramatically reduce
potential litigation resulting from the uncontrolled distribution or viewing
of confidential information, help avoid the physical destruction of perfectly
good equipment, and address security concerns. Companies can safely sell or
re-use storage equipment and ensure they have the audit trail necessary to meet
corporate and industry conformance requirements by availing of these services.
Importantly, this will protect an organisation's most valuable asset: its information.
The author is Country Manager, Technology Solutions Group, EMC