| Do You
Really Need Disk Sanitizers?............... |
|
First it was
SCSI, then a few years
later RAID, then after
that came SAN, quickly
followed by NAS and
iSCSI. Well at least the "SCSI"
part seemed like an old familiar.
It's a shame that all the stuff you
learned about the different types of (what we must now call) "parallel
SCSI" - LV something
or other - no longer adds to a high score in a CV.
Somewhere in
the dim distant mists of
storage memory
(though not necessarily in this order) came
SATA, then another
comeback for SCSI
again, D2d, VTL and the
list seems endless.
Now it's ...SSDs,
MLC, SLC...
and Disk Sanitizers?
Isn't the storage market complicated
enough already?
Do you really need to start worrying about something
else you've hardly ever heard of?
Before you answer that - here's a
much simpler question.
What do you do with your old credit card when
the new one arrives? Do you drop it on the street? I don't think so? How about
advertising it on eBay? - One old credit card - expiry date nearly over - no
longer needed by current owner - going cheap.
How about that new copy
of your customer list that the marketing people have been promising you for the
last 6 months? When it finally arrives so you can use it at the
trade show you're
exhibiting at - do you just throw the old one in the trash?
ILM
(Information Life cycle Management) became a fashionable term in storage
circles about 5 years ago. Like most marketing buzz words - the ILM hype was
focused on whatever the vendors were selling at the time. ILM
ISVs were mainly
selling themselves to
bigger storage companies... with a company lifecycle which didn't include much
more time than writing a few press releases about the ver 1.0 release before
the money from the VC in
the wall machines was spent.
But beneath the surface glitter of
acronyms there are some useful concepts in the ILM which are still relevant
today.
What happens to your data when the storage media they are
stored on gets too old?
The afterlife for things like disk drives
and RAID systems is not something that most of us think about much. It's not the
glamorous end of the storage market.
In the home market maybe your
old PCs are stored in the garage. It's a myth that you can give them to the
kids. In my experience - the kids always demand and get the newest fastest PCs
- much more powerful than the ones that we use at work. Most of your old PCs
were probably still working you stopped using them. Maybe that means your old
email accounts and bookmarks work too. How long would it take someone to try
requesting the main online banks that your password details should be emailed
to your old machine? Even if your old PC stopped working and you threw it out -
the disk drives can be recycled by
environmentally
friendly agencies who do deals with your garbage collection company.
In
the corporate and government markets - recycling is done wholesale. When new PCs
are bought the old ones are traded in or disposed to brokers hundreds or
thousands of machines at a time. Someone else is taking care of the problem for
you. Or are they?
There's a lot of evidence from security companies
like
Pointsec that a
worryngly high percentage of second hand / refurbished hard disk drives bought
on the open market still have readable data.
Yes they were "wiped"
clean by commercially available utilities.
Yes the disks were
reformated.
But both processes are undoable in a matter of seconds.
Many disk wipe utilities are simply that - useful utilities that make it hard
for you to see the data on your disk drive. But unless they follow algorithms
used by the military, the files they cover up can be easily read by data
recovery software.
There are 3 common types of product and service
which address the Disk Sanitizer market.
- software - useful for using on one machine or a low
number of machines.
- hardware - which wipes a batch of disks clean at
hardware speeds - and is useful if you're recycling hundreds of drives.
- services - which mechanically break the disks into
fragments which are considered too small for criminals to do anything with.
(Although a good data recovery company or your intelligence agency cmay still be
able to read files off a 1 inch fragment off a broken disk drive).
The best approach for you to take with
maintaining your own data privacy depends on your own situation. But just as you
wouldn't throw your old credit card onto the street - think about what's
happening to those old disk drives next time you buy a new PC, server or RAID
system. And make sure that your broker - if you use one - is using a product
which actually works. |
| . |
| Pointsec found that
they were able to read 7 out of 10 hard-drives bought over the Internet
at auctions such as eBay, for less than the cost of a McDonald's meal, all of
which had "supposedly" been "wiped-clean" or "re-formatted". |
| . |
When Disk Sanitizing Won't Do the Job
Editor:- July 13, 2005 -
Just thought I should mention on this page that there's one situation in which
disk sanitizers won't protect your valuable identity or other
confidential info no matter how smart the software.
This warning
thought was triggered by my own recent experience in which a hard disk I was
using for backup failed in the write mode - but its contents (the old backups)
were still readable. In that case the only way to ensure that no one else can
steal your data is physical destruction.
I was helped out in this by
Sam, the 11 year old son of some college friends who were visiting. We took the
disk drive out to the back of the barn and Sam sanitized it using a combination
of sledge hammer and log splitter. The disk platter, bent split and shiny but
no longer readable, was saved as something he was going to save on his wall as a
momento of the experience.
We sanitized a 486 PC tower after that -
which is one of about a dozen old PCs we have been wondering what to do with and
storing in a shed. That had two disk drives - so Sam's younger brother (6) was
able to get in on the act and sanitize one for himself too.
You can
never be too young to learn the importance of data security - or how to wield a
large ax safely for chopping firewood. These are important things to know. But
readers should not try this themselves without the supervision of an experienced
log slayer. |
| . |
Did You Know?
Disk
Sanitizers are entirely different to Telephone Sanitisers. If you were looking
for the story of the Golgafrinchan Telephone Sanitisers in the Hitchiker's
Guide to the Galaxy see the
BBC's
Hitchiker's cult page. |
| . |
How Big is the Hard Disk
Sanitizer Market?
STORAGEsearch.com estimates that this market
segment, which barely existed just a few years ago could grow to over $2
billion in 2008.
Although software products can clean up disk data
in low volumes, we estimate that due to the fear and risk of malware - most
corporate users will prefer not to use software sanitizers as their
main protection tool. The disk clean-ups will be done primarily by hardware
appliances. The market will split into companies which provide this as a
service and those who sell the disk eraser systems. |
| |
|
|
| . |
| Disk
Sanitizer news |
Aleratec's
Disk Sanitizer gets Military Citation
Chatsworth, CA - March
3, 2008 - Military Embedded Systems magazine has commended Aleratec Inc.
for its new stand alone HDD Cruiser - a hard disk drive sanitizer and
duplicator all in one unit.
The
HDD Cruiser will
simultaneously sanitize
up to 4 hard drives to
assure that all confidential data is unreadable. It can also
duplicate up to 3 HDDs
simultaneously.
"We are very proud to be recognized for our developments by
Military Embedded Systems Magazine"
said Perry Solomon, President and CEO of Aleratec. "...We made the HDD
Cruiser the complete tool, it can also make exact duplicate copies of hard
drives to expedite setting up new PCs or recycling old drives with new site
licensed operating systems and standard applications which is particularly
useful when drives have already been used and need to be set up for a new
project." ...Aleratec
profile
WiebeTech's Low Cost Disk eRazer
WICHITA , KS -
November 12, 2007 - WiebeTech today unveiled its Drive eRazer family
for IDE/PATA and SATA hard drives.
The standard model (price
$99.95) can erase a 250GB drive in under 2 hours. Operation is easy. Simply
connect it to a drive and flip a switch.
"As many people discover too late, trashing a file does not
erase it from a hard drive,"
said James Wiebe, president/CEO of WiebeTech. "It is fairly easy for
someone else to recover files from used hard drives. As a
test, we bought used drives on eBay and recovered everything from corporate data
to email conversations to financial data to legal documents. Drive eRazer is the
easiest, most economical solution available to prevent others from seeing your
files." ...WiebeTech
profile,
Disk Sanitizers
This Email will Self Destruct in 72 Hours
CHICAGO, IL - October 16,
2007 - Ocean Tomo Auctions, LLC today announced it will sell several
lots of patents relating to data storage at its Live Intellectual Property
Auction on October 25th at The Palmer House Hilton in Chicago.
One patent addresses a self-destructing document or email messaging
system that automatically destroys documents after a predetermined period of
time.
Another Lot in the Data Storage category, which includes a
substantial portfolio of U.S. patents, generally relates to data storage
devices, disk drives, and other aspects of storing digital information by
magnetic and optical data storage technologies.
SafeErase 3 for Windows Vista
Berlin - May 15,
2007 -
O&O Software GmbH today releases SafeErase 3 for Windows Vista.
With 5 different deletion methods complying with recognized international
standards, the user can create individual configurations, adapted to each
scenario. The deletion methods differ from each other in the number and the way
data is actually overwritten. As well as the standard deletion procedures of US
DoD and German BSI, users can also select the
Gutmann Method, which
meets the highest possible security criteria and overwrites data up to 35 times
The full version costs EUR 29.90.
...O&O Software
profile,
Storage Software,
Disk Sanitizers
Hard Drive Cleanser Wipes Vista
Burlington,
MA - March 14, 2007 - Acronis, Inc. announced that its Drive Cleanser
6.0 (typical list price $49.99) now supports Microsoft Vista.
"Acronis
Drive Cleanser has been honored on multiple occasions as the best disk wiping
application on the market," said Walter Scott, CEO of Acronis. "The
addition of Vista support means that now users of virtually all versions of the
desktop Windows OS can, with complete confidence, delete the data from any
partition or the entire hard disk and know the data will never, ever be
resurrected for purposes such as industrial espionage or identity theft. The
product is used by corporate customers and consumers to wipe an old hard disk
before it is disposed of or repurposed as additional storage."
...Acronis profile,
Disk Sanitizers
Blancco Offers Nonprofit ORGs Free Disk
Wipes
JOENSUU,
FINLAND - October 30, 2006- Blancco announced today that they will make
available donations of their data erasure software to eligible nonprofit
organizations via the nonprofit technology website TechSoup.
Each nonprofit organization with 501c3 designation will be entitled to 500
Blancco licenses. Like commercial enterprises, nonprofits face a critical
challenge when they want to recycle, resell, or reuse obsolete computers: the
data remaining on the hard
drives need to be professionally wiped in order to maximize data security
and prevent data leaks or identity theft. The software is operated from a
central server, so users do not need to install the software on each computer
prior to data wiping. It is designed not only for PCs and laptops but also for
servers with several hard drives.
...Blancco profile,
Disk Sanitizers
Thumbs Up for Mainframe Disk Sanitizer
from Down Under
Little
Falls, NJ - September 5, 2006 - Innovation Data Processing, today
announced that its FDRERASE for the IBM z/OS environment has earned a
place on the Australian Defense Signals Directorate Approved Products List as a
Media Sanitisation product with a conformance claim of EAL2+.
"You
expect Defense and National Security agencies to have strict rules," said
Thomas J. Meehan, Innovation's Vice President of Advance Technology. "FDRERASE
today, is the only DSD certified solution available for securely erasing disks
in z/OS environments. ...because of this FDRERASE is especially popular with
banks, card payment service providers, educational institutions, financial
intuitions, government agencies, hospitals and insurance companies all of which
have legislated Personal Identity Information Protection obligations, to
securely erase data when leaving a DR site or disposing of disk storage systems."
...Innovation Data
Processing profile , Storage
Security, Disk
Sanitizers
Fujitsu Launches Tape / Disk Degausser
Sunnyvale, CA -
May 30, 2006 - Fujitsu Computer Products of America, Inc. today
announced the Mag EraSURE Professional Value desktop degausser.
The
product is an effective, economical solution for industries that require fast
and secure removal of magnetically recorded data from
hard disk drives,
removable disks and
backup tapes. The
Fujitsu Mag EraSURE family of products utilizes a rare earth permanent magnet to
degauss magnetically recorded information. Data becomes permanently
unrecoverable by commercial means once exposed to the powerful magnet in the
device. In addition to purging recorded information on the storage device,
including servo and calibration data, the degausser also destroys most
read/write heads.
A key feature of the Fujitsu Mag EraSURE is its
user friendly operation. Users simply insert the drive into the degausser and
push the button; the device handles the rest. It can operate 24x7 with no-wait
duty cycle and accepts a wide variety of media:- hard disk drives - up to 3.5"
and 1.6" height and floppy, Zip, Rev and Jazz media. Also backup tapes:-
SDLT, DLT, LTO/LTO2, DAT, TRAVAN, AIT, QIC, 8mm. The Mag EraSURE P2V is priced
at $13,500.
...Fujitsu profile,
Disk Sanitizers | |
| . |
|
 . |
Did You Know?
Many
solid state disks, designed
for military applications, have inbuilt commands which can erase all the data or
make the disk unreadable.
Some disks offer a choice:- of either the fastest erase time or lowest
power to erase (useful when the disk is deployed in a system which has limited
battery current). So it's not beyond the wit of hard disk manufacturers to
include such functions too. Will that happen? We'll let you know if it does. | | |
|
