Sunday 16 August 2015

PURGING DATA HDD

The rapid growth in memory media developments has in turn generated a variety of methods to sanitize data. An organisation’s adopted policy for sanitization can be decided based upon a wide range of considerations with respect to the media type, the coercivity (magnetic force) designed for the media, the level of importance of the data recorded to the memory device and so on.

Physical HDD destruction methods
Drilling through a designated location on the HDD and logic chip can disable the HDD but is not 100% fail proof. This approach can be applied to HDDs that are later to be destroyed but need to be safely transported to the location where the destruction is to take place. 
 
 Photo 1 - drill hole damaging a particular memory chip

Photo 2 - hole where drill bit aligns with memory chip on the other side
Clients may not be in favour of the above approach as it does not meet the organisation’s sanitization policy; additionally the sound of a screeching drill attempting to disable numerous HDDs may not be suitable for office environments.
Degaussing Wand
Some other organizations prefer the method of using a degaussing treatment directed to the HDD platter. The courier disassembles the HDD first:
 
Photo 3 - disassembled HDD

A degaussing wand is applied by wiping the wand across the face of the platter.

Photo 4 - degaussing wand
Degaussing, commonly called erasure, leaves the domains in random patterns with no preference to orientation, thereby rendering previous data unrecoverable. There are some domains whose magnetic alignment is not randomized after degaussing. The information these domains represent is commonly called magnetic remanence or remnant magnetization. Proper degaussing will ensure there is insufficient magnetic remanence to reconstruct the data.
Due to the process involved with degaussing, the local client may have concerns that there is no actual proof the degaussing paddle has administered any treatment to sanitize the data resident on an HDD's magnetic media. On the face of it this is a natural and fair observation.
The courier can offer several helpful observations to help the client understand the treatment being used. One observation is to suggest to the client that when the degaussing wand throws the data recorded on the platter into random patterns, making the data unreadable, it is a bit like messing around with magnets and iron filings, producing domains with random patterns that have no meaning:
 
Photo 5 - Iron filing domains with preference patterns

Photo 6 - Random patterns with no preference
Some customers like observations that give them a mental image of how things work. However, for the non-scientific mind, the tendency is towards rules, regulations, standards, and examples of authorities using the degaussing technique.
Engineers are reminded and can inform the client:
(a)    The engineer’s attendance at site is due to the management responsible for data protection and safe data handling and destruction requesting the engineer’s assistance.

(b)   The degaussing paddle is an accepted approach and identified in specific standards e.g. NIST SP 800-88 Rev 1 2014, and used by UK Government, NSA, FBI etc.

(c)    The degausser is calibrated and a certificate of conformity accompanies the paddle.

(d)   The degauss paddle technical specification meets the requirement for degaussing the HDD e.g.
 
Degauss Paddle Specifications
Power: None required
Weight: 5.5 oz.
Dimensions (L x W x D): 7" x 1.5" x .25"
Construction: One piece aluminium containing high-energy magnetic assembly
Typical Peak Flux: 8,000 + gauss
Maximum Flux: 12,000 gauss
Minimum Flux: 6,000 gauss

Should the above examples not assist the client, then there is the obvious question: why would the courier be using the degaussing wand tool if their organisation had not approved its use in the first place?

Lastly, if the local client is still unsure, then enquiries should in the first instance be referred back to the client management, who are aware of the standards to be applied as defined by the organisation’s policy.

Data Wiping Software Tools
As a reminder regarding data wiping software tools, there are numerous standards that also define the number of erase overwrites that the erasure software tools apply during data wiping (see erase overwrites below).
 
