The article quotes someone saying
The reason? "The cloud service providers we spoke to said security, but what they actually meant was risk management," says Mr Hands. "They have a zero-risk policy. It can't be one in a million drives, one in 10 million drives, one in 100 million drives that leaks. It has to be zero."
I feel like this misses the real point.
In governance meetings you have to persuade people that the thing they're concerned about has been taken care of. So, for data security you're going to have to say either
a) "These drives have been shredded, no-one is getting anything off them" vs
b) "We overwrote the drives with random data. No-one is getting anything off them."
For (b) you're going to get people asking about undelete and advanced techniques and you end up saying things like "there are no commands in your operating system that you can use to recover the data; there is no software you can download or buy that can recover the data; there are no companies selling a service to recover the data; there are no research projects showing the data is recoverable; there are no court cases using recovered data; there really isn't any way to get the data back".
And then the people you're talking to have done a shitty Google search and found a "recover your deleted data!" recovery company advert and haven't understood what that company is saying.
Sometimes it's much easier to do something that's a bit dumb than to teach the world that the right thing (e.g., ATA Secure Erase) is good enough.
Sucks for the planet.
Also, good grief but second-hand hard drives are not something I want to use with any data that I think is more than trivial.
I really don't feel like that is the case.
I work a lot directly with Azure engineers in my job (I don't work for Microsoft, but with their products as a consultant) and nearly every time a customer tries to question them, they're given varying answers that basically translate to "you have to trust us", no matter if it's related to compliance, legal demands, etc., the answer is the same. They wouldn't have an issue giving the same issue here if there actually was a zero-risk policy, but there isn't.
In this case it's simply not time- or cost-effective to guarantee zero-risk. If there's a small chance that deleted data can be readable on 1 disk, then it's not good enough. Easier to just throw them out and monitor their destruction.
In a governance meeting, there's also something to "this is so simple that the intern can do it".
These drives are just a cost center for organizations. They can't repurpose them. They can't sell them for much value. Most of them are outdated. Most of them are specialized for data centers (where noise, heat, and electricity consumption are less problematic).
Rather than trying to convince a whole room full of people that you can invest a bunch of time and effort to make these drives "somewhat valuable", it's far easier to simply tell everyone "we destroy them".
The irony is that shredding devices is relatively risky today. The latest drives have 500,000 tracks of data per square inch. A sophisticated data recovery person could take a piece as small as 3mm and read the data off it, Mr Hands says.
This seems like a pretty dumb argument to make. Shredding drives isn't "risky" (and relative to what?). It's by far the easiest and fastest way to physically destroy the drive to make it effectively worthless. Maybe, and just maybe, you might have state-level actors that would try to read the data off a 3mm sliver. But the risk of that, and the steps necessary to prevent that, likely offset the additional cost.
There are several ways a drive can be purged. Hard drives can be overwritten with new patterns of data, for example, which can then be checked to make sure the original data has gone. With today's storage capacities, it can take a day or two.
So a day or two for one drive. The article even says that the company is shredding 5 million drives for a single customer. If you want to purge 5 million drives, you need much more space, more power usage, some sort of auditing system to prove that the purge is actually secure. Which means cost of doing business goes up and price goes up to compensate.
Encryption at rest I feel like is enough but I don't know a lot about data recovery. Technically you could get the encrypted data and try to break it. What about sending the platters to a melter to be made into a new drive?
That's good to hear.
I freely admit I'm sometimes a bit too cynical with stuff like this.
I would wager most anyone who stores anything remotely sensitive would at least wipe the drive several times before sending it off to be shredded.
<grumble> so much magnet fun destroyed. Hard drives have some pretty powerful magnets inside.