Data security

01May08

On a visit to the local coffee shop I saw a Blackberry and a jacket left unattended. A ripe opportunity for theft. It reminded me of reading in Canadian Lawyer, April 2008 about data security. Breach of data is also heightened with the popularity of thumb drives and Blackberries. A Toronto company called DataXile Corporation specializes in data destruction services. Hard drives are not recyclable because they become obsolete so fast, and are more problematic to upgrade. DataXile will demagnetize or wipe the hard drives then drill a hole into the case. It can take about four hours to wipe 100 drives. I recently got a new computer after 9 years and we took out the hard drive and destroyed it separately, if you are a do-it-yourself type.

As for Blackberries, an IT services technician can use a remote access feature from the network server to disable stolen or lost devices. If someone tried to turn it on next, then it would wipe itself clean of data. As for that coffee-drinking Blackberry user, it is probably a good idea to keep your device close to you or else it will likely be stolen and causing headaches.

- Brenda

About these ads


One Response to “Data security”

  1. It goes without saying that hard drives must be purged at the end of their usable life. Yet, physical destruction is a major source of the massive quantities of e-Waste that we are amassing on this planet of ours. If we look at the Canadian Government as a model, Industry Canada requires that any usable equipment that is retired be donated to the Computers for Schools program.

    Considering that the information on these computers can be very sensitive, the means by which these devices are decommissioned is of critical importance. Clearly, not all drives can be donated due to higher level classification of the data that had been stored on these devices. Yet, the majority of Fed Gov devices can be effectively purged of their legacy contents.

    Selecting a proper means to achieve effective sanitization is a dicey prospect due to the volume of conflicting, dated and poor quality guidance available. Recognizing this challenge the US NSA had engaged the University of California’s Center for Magnetic Recording Research and 6 major hard drive vendors to develop a standard for purging drive contents beyond laboratory efforts. The resulting technology is now embedded in all ATA drives (SATA, IDE, PATA, etc.) commonly found in most laptops and workstations, and is called Secure Erase. Secure Erase is a very powerful protocol that is capable of purging all regions on the media surface where information can be stored. Unlike software based overwrite utilities that are incapable of the same level of protection as Secure Erase (see NIST special report 800-88 for detailed clarification of this fact) , and require up to 8-13 times more time to complete, Secure Erase is highly efficient, and is not susceptible to laboratory level reconstruction efforts.

    Unfortunately, as Secure Erase is very powerful, and initiated by a sequence of commands to the drive controller, the potential for this technology to be exploited for malicious purposes has caused many hardware vendors to implement system level protection to inhibit the passing of the initiation sequence to the device. Recognizing this limitation, a company in Portsmouth NewH Hampshire had developed an appliance that facilitates enterprise and service providers to purge hard drives using an efficient and proven effective process. As a true green solution, by employing policy to purge, recycle and reuse these hard drives, you will not be contributing to the rapidly mounting e-Waste inventories.

    Just my 5 cents on the topic.



Follow

Get every new post delivered to your Inbox.

Join 355 other followers

%d bloggers like this: