Today, data centers are the backbone of of our digital information society. The question is: do you have a solid plan in place to effectively and securely handle your drives at end-of-life?
Whether it’s just disposing of a few failed drives, or a planned system upgrade, eliminating data from hard drives is one of the most critical elements of limiting liability in any data center.
The sensitive nature of the information on your drives makes it absolutely critical that when a drive fails or comes to end-of-life (EOL) that you efficiently, effectively and securely eliminate the possibility of that data being accessed on any defective or obsolete hard drives.
As data storage technology evolves, so must the data eliminations and destruction process. Depending on the security level of the drives, classified, top secret, or just sensitive, there are many ways to accomplish this vital task.
If you operate a data center with government classified or top secret information, according to the NSA, you need to first sanitize, also known as degaussing, a hard drive with an NSA approved device. Then once degaussed the hard drive must be shred, punched or otherwise physically destroyed.
More detailed information on degaussing options can be found here.
If you don’t have any government secrets on your drives or a strict internal policy, all you need to do is physically destroy them. No degaussing is required.
Crushers that punch and bend the drives are a great option for small batches of drives, or as support for smaller data centers, shipping them out to use as needed.
Today, there are many different hard drive shredders available for any application. These shredders can destroy between 50 and 3,500 drives an hour. The particle size you can choose from based on your security requirements can be anywhere from 3/4’”to 1-1/2” wide by random length. Hard drive shredders like these can quickly, efficiently and securely take whole drives and turn them instantly into highly recyclable metal scrap, making the drives unrecognizable and the information irretrievable.
More information about crushers and shredders can be found here.
Another major security concern for data centers is that many do not want to remove or transport the drives from the site or let anyone come on-site for HDD destruction. With some of the options shown above, destruction cab be completed in house and on-site to maintain the security of the site while meeting all destruction requirements. For smaller data centers that would not need a large full time device, many of these solutions are small enough to be shipped anywhere in the world from site to site as needed! This saves time, money and enhances a sites security by keeping contact with the data to internal personnel only.
As we have discussed, protecting the information and preventing unauthorized access to your obsolete drives and the information on them is the most critical element in managing your liability and reducing your risk. Many companies have already taken steps to prevent future problems. Will you be next?
See this video about how Google is tackling this challenge:
Is your company ready to maximize your hard drive security while minimizing the liability? If you have any additional questions about what solution is the best for you, SEM is here to help. Contact us today to ensure your data is destroyed safely, securely, and to all spec and regulations that need to be met.