8

When it comes to disposing of hardware that may contain PII, confidential, or other sensitive material, how do you determine what needs special handling? What process do you use?

I'd like to expand this question to not just include computer hard drives, since photocopy machines also have hard drives that maintain an image of everything that was ever printed.

1 - What hardware and devices would you include in-scope for secure disposal?

  • Would you include just the hard drive, or would you include the RAM as well?

2 - What is the process for disposing of this hardware?

  • Do you hire a 3rd party, or do you do it yourself?
  • What are the technical requirements for it to be unrecoverable?
makerofthings7

3 Answers

7

It looks like you are already aware of the 1st part of this question. For most purposes any non-volatile storage which may have held the data you consider sensitive should be included (solid state drives, hard drives, EPROMs, USB keys etc.) but volatile memory should not. These storage devices could be in printers, fax machines, routers, switches, any computing platform.

A key prerequisite is understanding what you consider sensitive - e.g. the configuration of a router may need to be protected to avoid weakening network security, or devices storing personal or account data may come under DPA in the UK, or GLB or HIPAA in the US. A general rule of thumb is to look to the organisation's data classification policy as a guide and destroy data storage which comes under data protection requirements.

The in-house/outsource question could come down to just how sensitive the data is. I recently sat in an excellent presentation on data destruction in the military, where complete outsource was not an option, and complete destruction was a requirement, so the use of grinders which could take entire hard drives down to dust was approved. For many organisations who use hard disc encryption, a provider who carries out multiple overwrites to the extent that recovery is unfeasible may be sufficient. This will depend on both the level of sensitivity and the type of agent who may be trying to recover the data. If an attacker has an electron scanning microscope, they may be able to retrieve useful data off a hard disc platter which has been broken into pieces - but that is only likely to happen if the data is known to be of extremely high value.

Either way, auditable reporting of the destruction is essential - so you can evidence you received all the devices, and destroyed them, along with the destruction mechanism and final disposal details.

Rory Alsop
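As an added example (not part of the answer above), this sketch applies its two rules together: only non-volatile media count as in scope, and every in-scope item received must have a destruction record with a method and final disposal details. The asset IDs, field names and media categories are constructed for illustration.

```python
# Constructed sample data; field names and media categories are assumptions.
NON_VOLATILE = {"hdd", "ssd", "eprom", "usb"}  # in scope per the answer
VOLATILE = {"ram"}                             # out of scope per the answer

INTAKE = [  # devices received for disposal
    {"asset": "PRN-0012", "device": "printer", "media": ["hdd", "ram"]},
    {"asset": "RTR-0040", "device": "router", "media": ["eprom", "ram"]},
    {"asset": "LAP-0311", "device": "laptop", "media": ["ssd", "ram"]},
    {"asset": "USB-0007", "device": "usb key", "media": ["usb"]},
]

DESTRUCTION_LOG = [  # records returned by whoever carried out the destruction
    {"asset": "PRN-0012", "media": "hdd", "method": "grind",
     "final_disposal": "recycler lot 1"},
    {"asset": "LAP-0311", "media": "ssd", "method": "",
     "final_disposal": "recycler lot 1"},
    {"asset": "FAX-0099", "media": "hdd", "method": "drill",
     "final_disposal": "recycler lot 1"},
]


def reconcile(intake, log):
    """Return audit findings as a sorted list of (asset, media, finding)."""
    # Every non-volatile medium received is expected to be destroyed.
    expected = {(d["asset"], m) for d in intake
                for m in d["media"] if m in NON_VOLATILE}
    findings, seen = [], set()
    for rec in log:
        key = (rec["asset"], rec["media"])
        seen.add(key)
        if key not in expected:
            findings.append((*key, "destroyed but never logged at intake"))
        for field in ("method", "final_disposal"):
            if not rec.get(field, "").strip():
                findings.append((*key, f"record missing {field}"))
    for key in expected - seen:
        findings.append((*key, "received but no destruction record"))
    return sorted(findings)


if __name__ == "__main__":
    for asset, media, finding in reconcile(INTAKE, DESTRUCTION_LOG):
        print(f"{asset:10} {media:6} {finding}")
```
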
4

We used to mount the hard drive into a bench vise, then drill holes through the entire drive many times with a 1/4" bit, including through the platter mechanism.

Not much can be recovered from a platter with holes drilled all over it.

Greg
1

Re: grinding hard disks. In the UK it's not enough to grind them into dust. They then preserve the dust and keep it under guard. This is done because the mere presence of the smallest byte pattern could prove that document X has been obtained (by the enemy) if document X were specifically outfitted with byte pattern X. Certain knowledge of what the enemy knows is valuable information in its own right and in some scenarios could prove decisive.

  • That sounds like guarding the dung heap after mucking out the stables to keep an enemy from reading what was printed on the hay the horses ate. I think chemical or incineration of the dust would be both cheaper and more effective, and thus a bit more believable. – John Deters Nov 18 '13 at 23:15
  • 2
    I didn't make it up. While I look for the link I am reminded by your comment that when POTUS has to poo, the Secret Service collects it so the enemy can't subject it to spectral analysis and learn what meds or ailments he (she) might have, as say, we did from Yeltsin's poo when we got the chance. – John Thompson Nov 19 '13 at 01:53