Once data is written to magnetic media, the likelihood that it will stay written is high because magnetic traces tend to linger on disk and tape with a bewildering tenacity. That's good news if you're trying to recover the data, but it's less comforting if your goal is compliance, where the aim is to keep data for a given period of time and then destroy it beyond all recoverability.
"Ever since Enron, no one wants to keep files around any more," said Diamond Lauffin, executive vice president at Nexsan Technologies. The SATA array manufacturer recently announced a "secure storage appliance" called Assureon, which digitally shreds files and data based on user-defined data disposition policies.
Organizations increasingly want to delete data from their archives the minute they're legally eligible to do so. "If you physically have the data, you are required to produce it, even if its retention period has expired," said Dave DuPont, senior vice president of sales and marketing at Plasmon, which makes optical media and libraries.
For users who archive data to write once, read many (WORM) optical platters, deleting data has long meant physically destroying the platter. But this summer, Plasmon added a new Ultra Density Optical (UDO) cartridge to its lineup that improves basic WORM capabilities. Called Compliant Write Once (CWO), it allows you to delete data on a file-by-file basis, physically destroying the underlying media so it can't be written over -- or read from -- again.
To destroy the media, the UDO drive simply flips the bits on the optical substrate to either all zeroes or ones, making the file effectively unreadable. But unlike magnetic media, there are no traces left of what the data used to be. At the same time, CWO media leaves an audit trail, documenting when and who destroyed a file.
The idea of CWO came from UDO users themselves, DuPont said. "We hadn't even thought of it …Customers liked UDO's true WORM capabilities, but wanted to be able to remove data at some point down the road" without having to destroy the entire cartridge, he said.
Nexsan's Assureon approach to data deletion is completely different. A content-addressed storage system, Assureon generates a hash for the files it stores on its system using 256-bit AES encryption. Coupled with a policy engine, when a given file or object reaches the end of its retention period, Assureon simply deletes the key, making it impossible to retrieve the file.
That approach to data destruction comes with one proviso, according to Jon Oltsik, senior analyst for information security at the Enterprise Strategy Group, Milford, Mass. "If you can prove that you've deleted the keys, it's a perfectly acceptable method of data destruction."
For more information:
This was first published in November 2005