Re: Quick Survey: How do you "dispose" of outbound hard drives??

[Valdis Kletnieks <Valdis.Kletnieks () VT EDU>]

On Sun, 26 Sep 2010 22:27:17 MDT, "SCHALIP, MICHAEL" said:
> We're looking for efficiencies (who isn't?) - What process do you follow to
>  securely dispose of old hard drives?

What we do (unless we changed our policy and Randy didn't tell me about it yet :)

If they are still functioning and are in a functioning x86-based system, they
get DBAN pointed at them(*). It's quick to start, the guy can walk away for an
hour or two and let it run, and preserves the residual value of the computer
system being surplused. Otherwise they go in a big pile in the corner.  There's
a big paper shredder on campus that's also rated for grinding up metal, so
every few months they'll go grind up all the drives. They don't like to make
short runs of disk, because they need to do a thorough cleaning of the grinding
wheels/etc to keep metal chips from contaminating subsequent paper shredding
operations.  On the rare occasions that we surplus one of our remaining SGI or
Solaris or similar boxes that won't run DBAN, we'll usually just grind the
drives (the residual value of a 9G SGI drive isn't worth working too hard).

When feasible, we'll specify at purchase Dell's "Keep your hard drive" or other
vendor equivalent, so we don't need to worry about where RMA'd failed drives
go. If that's not available, we'll get a certification from the vendor that
RMA'd drives are disposed of securely.

If we're doing something big like sending an EMC Symmetrix back as a trade-in
on a replacement, we'll negotiate a certificate of secure disposal for the
drives involved.

(*) If a drive is still functional, a single-pass overwrite should be quite
sufficient to wipe data beyond recovery.  The proof is simple - no commercial
data recovery company is advertising the ability.  Burn the disk, crush it,
drop it in a lake, run "format c:" - those they can cheerfully recover. Single
overwrite, they won't touch, even though there's potentially a lot of money to
be made in that service.  It's of course possible the TLA's can do it - but if
"TLA reads data off our discarded hard drives" is a serious part of your threat
model, you probably should be asking elsewhere for security advice. :)

Incidentally, 3-pass overwrite is considered sufficient by the DoD for everything
up to "Secret" - "Top Secret" the recommended method still involves thermite. :)
I'm guessing that few of us have anything that's more sensitive than "Secret"
bouncing around on our servers. Accidentally exposing payroll data can be
embarrassing and involve lawsuits and civil penalties, but (as far as I know)
doesn't have you looking at time at Leavenworth for espionage charges. ;)

Attachment: _bin
Description: