| Do You
Really Need Disk Sanitizers?............... |
|
First it was
SCSI, then a few years
later RAID, then after
that came SAN, quickly
followed by NAS and
iSCSI. Well at least the "SCSI"
part seemed like an old familiar.
It's a shame that all the stuff you
learned about the different types of (what we must now call) "parallel
SCSI" - LV something
or other - no longer adds to a high score in a CV.
Somewhere in
the dim distant mists of
storage memory
(though not necessarily in this order) came
SATA, then another
comeback for SCSI
again, D2d, VTL and the
list seems endless.
Now it's ...SSDs,
MLC, SLC...
and Disk Sanitizers?
Isn't the storage market complicated
enough already?
Do you really need to start worrying about something
else you've hardly ever heard of?
Before you answer that - here's a
much simpler question.
What do you do with your old credit card when
the new one arrives? Do you drop it on the street? I don't think so? How about
advertising it on eBay? - One old credit card - expiry date nearly over - no
longer needed by current owner - going cheap.
How about that new copy
of your customer list that the marketing people have been promising you for the
last 6 months? When it finally arrives so you can use it at the
trade show you're
exhibiting at - do you just throw the old one in the trash?
ILM
(Information Life cycle Management) became a fashionable term in storage
circles about 5 years ago. Like most marketing buzz words - the ILM hype was
focused on whatever the vendors were selling at the time. ILM
ISVs were mainly
selling themselves to
bigger storage companies... with a company lifecycle which didn't include much
more time than writing a few press releases about the ver 1.0 release before
the money from the VC in
the wall machines was spent.
But beneath the surface glitter of
acronyms there are some useful concepts in the ILM which are still relevant
today.
What happens to your data when the storage media they are
stored on gets too old?
The afterlife for things like disk drives
and RAID systems is not something that most of us think about much. It's not the
glamorous end of the storage market.
In the home market maybe your
old PCs are stored in the garage. It's a myth that you can give them to the
kids. In my experience - the kids always demand and get the newest fastest PCs
- much more powerful than the ones that we use at work. Most of your old PCs
were probably still working you stopped using them. Maybe that means your old
email accounts and bookmarks work too. How long would it take someone to try
requesting the main online banks that your password details should be emailed
to your old machine? Even if your old PC stopped working and you threw it out -
the disk drives can be recycled by
environmentally
friendly agencies who do deals with your garbage collection company.
In
the corporate and government markets - recycling is done wholesale. When new PCs
are bought the old ones are traded in or disposed to brokers hundreds or
thousands of machines at a time. Someone else is taking care of the problem for
you. Or are they?
There's a lot of evidence from security companies
like
Pointsec that a
worryngly high percentage of second hand / refurbished hard disk drives bought
on the open market still have readable data.
Yes they were "wiped"
clean by commercially available utilities.
Yes the disks were
reformated.
But both processes are undoable in a matter of seconds.
Many disk wipe utilities are simply that - useful utilities that make it hard
for you to see the data on your disk drive. But unless they follow algorithms
used by the military, the files they cover up can be easily read by data
recovery software.
There are 3 common types of product and service
which address the Disk Sanitizer market.
- software - useful for using on one machine or a low
number of machines.
- hardware - which wipes a batch of disks clean at
hardware speeds - and is useful if you're recycling hundreds of drives.
- services - which mechanically break the disks into
fragments which are considered too small for criminals to do anything with.
(Although a good data recovery company or your intelligence agency cmay still be
able to read files off a 1 inch fragment off a broken disk drive).
The best approach for you to take with
maintaining your own data privacy depends on your own situation. But just as you
wouldn't throw your old credit card onto the street - think about what's
happening to those old disk drives next time you buy a new PC, server or RAID
system. And make sure that your broker - if you use one - is using a product
which actually works. |
| . |
| Pointsec found that
they were able to read 7 out of 10 hard-drives bought over the Internet
at auctions such as eBay, for less than the cost of a McDonald's meal, all of
which had "supposedly" been "wiped-clean" or "re-formatted". |
| . |
When Disk Sanitizing Won't
Do the Job
Editor:- July 13, 2005 - Just thought I should mention
on this page that there's one situation in which disk sanitizers won't
protect your valuable identity or other confidential info no matter how
smart the software.
This warning thought was triggered by my own
recent experience in which a hard disk I was using for backup failed in the
write mode - but its contents (the old backups) were still readable. In that
case the only way to ensure that no one else can steal your data is physical
destruction.
I was helped out in this by Sam, the 11 year old son of
some college friends who were visiting. We took the disk drive out to the back
of the barn and Sam sanitized it using a combination of sledge hammer and log
splitter. The disk platter, bent split and shiny but no longer readable, was
saved as something he was going to save on his wall as a momento of the
experience.
We sanitized a 486 PC tower after that - which is one of
about a dozen old PCs we have been wondering what to do with and storing in a
shed. That had two disk drives - so Sam's younger brother (6) was able to get in
on the act and sanitize one for himself too.
You can never be too young
to learn the importance of data security - or how to wield a large ax safely
for chopping firewood. These are important things to know. But readers should
not try this themselves without the supervision of an experienced log slayer. |
| . |
Did You Know?
Disk
Sanitizers are entirely different to Telephone Sanitisers. If you were looking
for the story of the Golgafrinchan Telephone Sanitisers in the Hitchiker's
Guide to the Galaxy see the
BBC's
Hitchiker's cult page. |
| . |
How Big is the Hard Disk
Sanitizer Market?
STORAGEsearch.com estimates that this market
segment, which barely existed just a few years ago could grow to over $2
billion.
Although software products can clean up disk data in low
volumes, we estimate that due to the fear and risk of malware - most corporate
users will prefer not to use software sanitizers as their main
protection tool. The disk clean-ups will be done primarily by hardware
appliances. The market will split into companies which provide this as a
service and those who sell the disk eraser systems. |
| . |
Did You Know?
Many
solid state disks, designed
for military applications, have inbuilt commands which can erase all the data or
make the disk unreadable.
Some disks offer a choice:- of either the fastest erase time or lowest
power to erase (useful when the disk is deployed in a system which has limited
battery current). So it's not beyond the wit of hard disk manufacturers to
include such functions too. Will that happen? We'll let you know if it does. | |
| ZoneLoc
Prevents flash SSD Data Walking into the Wrong Hands |
Phoenix, Arizona - February
12, 2009 - White Electronic Designs Corp announced a new technology -
ZoneLoc - which automatically sanitizes a flash SSD to military standards -
when the device is moved outside a specified operating zone - to prevent data
falling into enemy hands.
The boundary can be tied to a fixed
location or made to be portable for mobile applications. ZoneLoc has
configurable features and options, including audible warnings, programmable
response times, wireless remote purging and sensitivity modes. Because the
protected device takes its own action, autonomously, security is guaranteed.
...White Electronic
Designs profile, Storage
Security, Disk
Sanitizers
A Hard to Duplicate Offer on Hard Disk Duplicators
Chatsworth, CA - February 3, 2009 -
Aleratec Inc. launches the 1:5 HDD Cruiser - a 5 way hard disk drive
duplicator and 6 way sanitizer for SATA drives combined in a single unit (ERP
$1049).
The base unit is designed for 3.5" drives, but an optional
$105 kit converts it over to 2.5" operation. Duplication speed is
approximately 40MB/s. As an introductory promotion Aleratec is offering a free
3 way PATA disk duplicator to customers who buy the 5 way model this month. ...Aleratec profile,
Disk Duplicators,
Disk Sanitizers
Sun Enters the Disk Sanitizer Market
Santa
Clara, Calif - November 25, 2008 - Sun Microsystems, Inc. today
entered the Disk Sanitizer market.
Sun Data Protection
Services, Data Erasure, is a new on-site service to help enable customers to
remain compliant with internal corporate data erasure policies during the
removal, redeployment or relocation of equipment containing sensitive data. The
service also empowers customers' to become compliant with the ever increasing
policies of regulatory agencies for the removal or destruction of data, by
providing a global, audit-ready solution that erases data at the platter level.
Sun has been using the same data erasure service internally to prepare company
assets for reassignment and redeployment.
Drew Hughes, technical
program manager at Sun Microsystems said - "When we work with a government
client to transfer equipment from one resource to another, we use the Data
Protection Services Erasure to ensure that our services team has no data
compromise."
Industry research (from
IDC) indicates that most
midsize to large corporations replace about 25% to 33% of
their IT equipment on an annual basis. Each event in the equipment life cycle
can expose sensitive corporate or customer data to possible breach or
compromise. ...Sun
Microsystems profile, Storage
Services , Disk
Sanitizers
Royal Bank of Scotland's Customer List Sold on eBay
Editor:- August 26, 2008 - the
leading story today on the UK's BBC broadcast news was that 1
million bank customer records had been found on a disk bought for $70 on
eBay.
This is the 2nd major data security story to hit the
headlines in less than a week. The earlier case involved the loss of UK police
records containing data for
thousands of
criminals.
The prisoner records are still missing, but the bank
customers in today's story can breathe a sigh of relief that the purchaser of
the unsanitized disk was an honest citizen. | |
| . |
|
|
| . |
|
| . |
WiebeTech's
Low Cost Disk eRazer
WICHITA , KS -
November 12, 2007 - WiebeTech today unveiled its Drive eRazer family
for IDE/PATA and SATA hard drives.
The standard model (price
$99.95) can erase a 250GB drive in under 2 hours. Operation is easy. Simply
connect it to a drive and flip a switch.
"As many people discover too late, trashing a file does not
erase it from a hard drive,"
said James Wiebe, president/CEO of WiebeTech. "It is fairly easy for
someone else to recover files from used hard drives. As a
test, we bought used drives on eBay and recovered everything from corporate data
to email conversations to financial data to legal documents. Drive eRazer is the
easiest, most economical solution available to prevent others from seeing your
files." ...WiebeTech
profile,
Disk Sanitizers
This Email will Self Destruct in 72 Hours
CHICAGO, IL - October 16,
2007 - Ocean Tomo Auctions, LLC today announced it will sell several
lots of patents relating to data storage at its Live Intellectual Property
Auction on October 25th at The Palmer House Hilton in Chicago.
One patent addresses a self-destructing document or email messaging
system that automatically destroys documents after a predetermined period of
time.
Another Lot in the Data Storage category, which includes a
substantial portfolio of U.S. patents, generally relates to data storage
devices, disk drives, and other aspects of storing digital information by
magnetic and optical data storage technologies.
SafeErase 3 for Windows Vista
Berlin - May 15,
2007 -
O&O Software GmbH today releases SafeErase 3 for Windows Vista.
With 5 different deletion methods complying with recognized international
standards, the user can create individual configurations, adapted to each
scenario. The deletion methods differ from each other in the number and the way
data is actually overwritten. As well as the standard deletion procedures of US
DoD and German BSI, users can also select the
Gutmann Method, which
meets the highest possible security criteria and overwrites data up to 35 times
The full version costs EUR 29.90.
...O&O Software
profile,
Storage Software,
Disk Sanitizers
Hard Drive Cleanser Wipes Vista
Burlington,
MA - March 14, 2007 - Acronis, Inc. announced that its Drive Cleanser
6.0 (typical list price $49.99) now supports Microsoft Vista.
"Acronis
Drive Cleanser has been honored on multiple occasions as the best disk wiping
application on the market," said Walter Scott, CEO of Acronis. "The
addition of Vista support means that now users of virtually all versions of the
desktop Windows OS can, with complete confidence, delete the data from any
partition or the entire hard disk and know the data will never, ever be
resurrected for purposes such as industrial espionage or identity theft. The
product is used by corporate customers and consumers to wipe an old hard disk
before it is disposed of or repurposed as additional storage."
...Acronis profile,
Disk Sanitizers
Blancco Offers Nonprofit ORGs Free Disk
Wipes
JOENSUU,
FINLAND - October 30, 2006- Blancco announced today that they will make
available donations of their data erasure software to eligible nonprofit
organizations via the nonprofit technology website TechSoup.
Each nonprofit organization with 501c3 designation will be entitled to 500
Blancco licenses. Like commercial enterprises, nonprofits face a critical
challenge when they want to recycle, resell, or reuse obsolete computers: the
data remaining on the hard
drives need to be professionally wiped in order to maximize data security
and prevent data leaks or identity theft. The software is operated from a
central server, so users do not need to install the software on each computer
prior to data wiping. It is designed not only for PCs and laptops but also for
servers with several hard drives.
...Blancco profile,
Disk Sanitizers
Thumbs Up for Mainframe Disk Sanitizer
from Down Under
Little
Falls, NJ - September 5, 2006 - Innovation Data Processing, today
announced that its FDRERASE for the IBM z/OS environment has earned a
place on the Australian Defense Signals Directorate Approved Products List as a
Media Sanitisation product with a conformance claim of EAL2+.
"You
expect Defense and National Security agencies to have strict rules," said
Thomas J. Meehan, Innovation's Vice President of Advance Technology. "FDRERASE
today, is the only DSD certified solution available for securely erasing disks
in z/OS environments. ...because of this FDRERASE is especially popular with
banks, card payment service providers, educational institutions, financial
intuitions, government agencies, hospitals and insurance companies all of which
have legislated Personal Identity Information Protection obligations, to
securely erase data when leaving a DR site or disposing of disk storage systems."
...Innovation Data
Processing profile , Storage
Security, Disk
Sanitizers
Fujitsu Launches Tape / Disk Degausser
Sunnyvale, CA -
May 30, 2006 - Fujitsu Computer Products of America, Inc. today
announced the Mag EraSURE Professional Value desktop degausser.
The
product is an effective, economical solution for industries that require fast
and secure removal of magnetically recorded data from
hard disk drives,
removable disks and
backup tapes. The
Fujitsu Mag EraSURE family of products utilizes a rare earth permanent magnet to
degauss magnetically recorded information. Data becomes permanently
unrecoverable by commercial means once exposed to the powerful magnet in the
device. In addition to purging recorded information on the storage device,
including servo and calibration data, the degausser also destroys most
read/write heads.
A key feature of the Fujitsu Mag EraSURE is its
user friendly operation. Users simply insert the drive into the degausser and
push the button; the device handles the rest. It can operate 24x7 with no-wait
duty cycle and accepts a wide variety of media:- hard disk drives - up to 3.5"
and 1.6" height and floppy, Zip, Rev and Jazz media. Also backup tapes:-
SDLT, DLT, LTO/LTO2, DAT, TRAVAN, AIT, QIC, 8mm. The Mag EraSURE P2V is priced
at $13,500.
...Fujitsu profile,
Disk Sanitizers | |
| . |
 . |
| |
|
