As IT pros, we often go to great lengths to make sure that our storage architectures perform well enough and are reliable enough to meet the organization’s needs. But many of us give little thought to protecting our data when it’s time to dispose of old hard disks.
For a very short period of time many years ago, I was in the storage media destruction business. For the sake of advertising, I created a viral video of old hard drives being destroyed in lots of different dangerous and irresponsible ways. I then presented my service as a safe alternative. The video was definitely over the top, but the point behind it was that sometimes you need to go to great lengths to protect your data. Fortunately, there are far safer ways to protect your data.
The first step is to understand where your data resides. On the surface, this concept sounds ridiculous: it would involve a lot more work and greater risk to use one technique for disposing of disks containing sensitive data and a different technique for disposing of disks that do not. It is better to use a single, secure method for disk disposal, regardless of the disk’s contents. But that isn’t what I am talking about.
When I say that you need to understand where your data resides, I mean that you need to be aware of all of the places in your organization where data might be stored. Let me give you an example. Several years ago, there was a situation in which Affinity Health Plan turned in some digital copiers that it had leased. What the company did not realize was that those copiers contained hard disks, which were filled with sensitive data as a result of the way that the copiers were used. In an apparent sting operation, a news outlet acquired two copiers and examined the contents of the hard drives. As a result, Affinity Health Plan received a $1.2 million fine from the Department of Health and Human Services. The point is that it is impossible to adequately protect your data if you do not know where the data resides.
The second step is to have a media disposal plan and keep it up to date. Simply stating that all decommissioned hard drives are to be securely formatted is completely inadequate. For one thing, such a plan does nothing to address hard disks that have failed. After all, the hard drive’s platter likely still contains data, even if the disk’s motor or heads have failed.
The other problem with a blanket statement about how hard disks should be disposed of is that such a plan may not take into account other forms of media that could also contain sensitive information. A hard disk disposal plan might not be appropriate, for instance, for disposing of old USB flash drives or aging iPads.
Another recommendation for the disposal of old storage media is to ensure that any labels that are specific to your organization are removed prior to disposal. Imagine for a moment that someone were to purchase 5,000 used hard drives on eBay. Now suppose that out of those 5,000 drives, there were a handful that carried authentic Department of Defense labels. Those labels set certain drives apart from all of the others. Even if the person who purchased the drives did not initially have any bad intent, just seeing the Department of Defense labels on some of the drives might pique their curiosity enough to make them take a look at those disks’ contents. Needless to say, you do not want your organization’s old drives to be singled out in this way.
That leads me to one more best practice. If you do not plan to reuse the old disks, then use a service that certifies the destruction of old drives. Some such organizations use bar codes to track each disk, and will even provide you with photographic proof that a drive has been destroyed. Having this type of tracking available can go a long way toward helping with your compliance efforts.