12

What are some typical ways you guys retire hard drives? We have a hard drive that won't mount anymore (makes clicking sounds when it tries to mount). The data on it isn't necessarily sensitive (no financial records or the likes) but it does contain data that once belonged to an employee. We obviously can't mount it to securely delete the data. So in this situation, what's the best solution to securely and properly dispose of the hard drive?

Edit: Sorry, I didn't know if this was more appropriate here or on Serverfault. Please migrate it if it's more appropriate on the latter.

AviD
  • 72,138
  • 22
  • 136
  • 218
Safado
  • 732
  • 4
  • 12

6 Answers6

8

We use 3 primary methods of media destruction. Which method that is chosen will, of course, depend on any number of factors including; corporate policies regarding data handling, legal or regulatory requirements, corporate policies regarding equipment refresh/retirement, time constraints, physical condition of the device, etc.

Secure Deletion

This would include any number of methods by which we attempt to fiddle with the bits on disk. The most typical is some kind of N-pass overwrite. This has the advantage of leaving the drive intact for use later, can be done in any number of ways, and is relatively configurable. Whether you use DBAN on a desktop PC with 1 or 2 drives or something like an ImageMASSter with expansion sleds and work on 20 disks at a time. This method also works equally well on removable storage such as ZIP or floppy discs. It has already been discussed fairly well at How can I reliably erase all information on a hard drive? Since it sounds as if the disk in question is failing, then this is likely not a reliable option and moving on down to a physical destruction method may be required.

Electrical Scrambling

In the olden days when you had a room packed with tape there were few things better than a big honkin' degausser for making sure that you knew what left the room. As hard drives supplanted tape, their use simply got transferred to the new medium. The biggest advantage to using a degausser to take care of hard drives is speed. Just pass a box through the unit, ignore the jiggling in your fillings, and walk away with clean drives. The downside is the lack of ability to audit data destruction. As discussed in the Wikipedia article, once a hard drive is degaussed, the drive is mechanically unusable. As such, one cannot spot check the drive to ensure cleanliness. In theory the platters could be relocated to a new device and we cannot state, categorically, that the data will not be accessible.

Wanton Destruction

This is without question my favorite. Not only because we demonstrate, without question, that the data is gone, but the process is very cathartic. I have been known to take an hour or so, dip into the "To Be Destroyed" bin, and manually disassemble drives. For modern hard drives all you need is a torx set and time (possibly pliers). While one will stock up on their magnet collection, this method of destruction is very time consuming. Many companies have developed equipment specifically for hard drive destruction en-masse. These range from large industrial shredders to single unit crushers such as this beauty from eDR. I have personally used that particular crusher, and highly recommend it to any Information Security professional who has had a bit of a rough day.

Community
  • 1
Scott Pack
  • 15,167
  • 5
  • 61
  • 91
  • +1, but are the drives in the "for destruction" bin already over-written? What happens if someone steals the bin? – DanBeale Aug 13 '11 at 09:41
  • 2
    @DanBeale That would depend on type of data that had been stored on the drive. While theft is always a possibility, if you're putting said bin in a place where thievery *is* a concern, you should be more careful. Where do you store equipment that is part of an ongoing investigation? – Scott Pack Aug 13 '11 at 13:17
  • Fair enough. But people make mistakes:- http://www.telegraph.co.uk/news/uknews/5128478/Terror-blunder-police-chief-Bob-Quick-under-pressure-to-resign.html – DanBeale Aug 13 '11 at 13:20
  • 1
    My point exactly! If you're doing something like that, then you should be more careful. – Scott Pack Aug 13 '11 at 16:18
  • There's an increasing number of articles that describe how to use thermite to destroy hard disks, since it's relatively cheap and mechanically and magnetically disintegrates the platters. In particular it raises the temperature beyond the Curie point of the platters where any permanent magnetic orientation is inevitably lost. – David Foerster Oct 31 '14 at 00:55
6

There is a good list of options here PC Pro’s top 10 hard disk destruction methods you've got quite a lot of options depending on how extreme you want to be and what tools you have access to.

Personally I unscrew the HDDs take out the platters and then use them for coffee coasters if they haven't got anything massively sensitive on them.

Mark Davidson
  • 9,367
  • 6
  • 43
  • 61
  • 1
    Proud owner of 3 new shiny coasters! The suggestions in the link were fun, but the most practical way seemed to either just use a hammer, or actually take the platters out. – Safado Aug 11 '11 at 16:44
  • 3
    Harddrives are resilient little pieces of hardware, makes for a fun time smashing them. Also, for a serious response, i would recommend DBaN and a harddrive shredder. – Ormis Aug 11 '11 at 18:01
  • 4
    Don't forget to extract the magnets. They are rare earth (typically Neodymium or Praseodymium) magnets and exceptionally strong. And of course rare! – this.josh Aug 11 '11 at 18:38
  • 2
    Be very, VERY, careful attempting to smash or bend platters. Most of the time they're some kind of metal. Sometimes on 3.5, and almost always on <=2.5, the platters are glass. That is *not* the kind of surprise you want when folding the platter with your bare hands. :/ – Scott Pack Aug 12 '11 at 02:41
  • @Ormis: Hard to use DBaN when the disk won't start. – Billy ONeal Aug 12 '11 at 17:40
5

This is a posible duplicate of a question How can I reliably erase all information on a hard drive?

That dealt with working drives, I guess.

But the answer depends on

  • how sensitive is the information
  • how serious are the attackers
  • do you need to follow a protocol
  • do you need to persuade other people the data has gone

For information that's not very sensitive, with attackers who aren't that bothered, in an environment without set protocols or regulatory oversight, you can just take the lids off and scour the platters with coarse sandpaper.

Otherwise, you may need to pay to have the drives put through a shredder, which is cheap enough and should satisfy everyone that the data has gone.

Community
  • 1
DanBeale
  • 2,064
  • 3
  • 18
  • 27
5

If it is a working hard drive, I would use either ATA Secure Erase or DBAN to erase all data on it. (If it is a SSD, use ATA Secure Erase.) Assuming either of those is successful, I wouldn't bother with physical destruction.

Physical destruction comes into play if the hard drive is no longer working and it is impossible to erase the data using ATA Secure Erase or DBAN.

D.W.
  • 98,420
  • 30
  • 267
  • 572
2
  • If its not a high quanity of HDD I just break them down to base parts with a torx screwdriver then i remove the platters and magnets (for personnel amusement) then I rough up the platters and put them in a shoebox. If its a laptop many times the smaller hard drives are glass platters so you can just break them on something hard (please do this outside and with glasses on)
  • If its a large amount 100+ ive heard that you can just put a few holes in the platters with a drill. this will keep the hdd read head from being able to float above the platters forcing the person to read the hdd with electron microscope which is impractical.
Crash893
  • 351
  • 1
  • 10
  • Is handling the platters with bare hands and the transfer of static electricity from my body to the platter not enough? In this case, it really doesn't matter because it isn't Top Secret government data but just out of curiosity.. – Safado Aug 11 '11 at 16:54
  • @Ryan M. It is likely that just opening the sealed chamber and exposing the platters and heads to air with a normal concentration of particulates with make a lot of data unreadable. A mild bump of the actuator or actuator arm may unalign the heads and effectivly prevent the heads from reading anything. – this.josh Aug 11 '11 at 18:52
  • @Ryan m. It's not a static thing it's making the surface rough so the read write head can't float on the surface thus can't be read quickly ( you could try microwaving it) – Crash893 Aug 11 '11 at 21:08
1

At my old job, we'd do the following:

1) Boot up Knoppix on a computer the drive was connected to and run shred for at least 3 passes.

2) Take it outside, open the case and beat the crap out of the platters with a hammer until they were in pieces.

3) Place in trash.

MattC
  • 131
  • 3