Re: Secure Data Deletion Idea?

[Valdis.Kletnieks () vt edu]

On Thu, 31 Mar 2005 10:23:40 PST, John Blood said:

> I'm thinking about what the possibilities for a secure
> data deletion business would have in the United
> States.

Be prepared to travel. A *LOT*. The people who would pay for such a service
are most likely not going to fedex the disks to you for deletion.  So all the
work will likely be on-site.

Another problem you'll encounter is that the people who are willing to
contract for such a service likely already *have* something in place - I'm
currently looking at having to physically destroy some 100 or so old 4G and 9G
drives off a RAID array that had sensitive data on it.  But you'd have a hard
time selling me your service, because we already have a chipper/shredder that's
able to chew them up sufficiently.   You're only going to be able to sell to
the sites that are *just* realizing that they have a problem, and/or subcontract
to those *very* large sites that are willing to outsource the problem to a
bonded disposal company (yes, you'll need to be heavily bonded for this, for
obvious reasons...)

Whether you go for software cleaning or physical destruction, the biggest
problem you'll face is figuring out the value-added that makes your service
worthwhile when they can buy the same software themselves, or just pop down
to the local hardware store and pick up a sledgehammer for a few dollars....

On the other hand, someplace you *can* make money is on the consulting side,
tracking the data flow through the organization and identifying *all* the
information leakage points (not just physical media, but Googlehacking and
the like as well), and presenting them in a report with suggested resolutions...

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/