While no one reading this is likely to be naive enough to think that just using the 'delete' command removes the data from a disk or tape, there are a lot of people in your organization who either do believe that or who have never given the matter any thought. One result is that much of a company's confidential information is filtering out of organizations by the back door. And more and more people are noticing.
One group noticing this is the media, which have been having a field day with reports of supposedly secure data from government offices, health care providers and other kinds of businesses being recovered from discarded, surplus or donated computers and hard drives.
Another group beginning to take notice is government agencies, which are starting to require that some types of data be sanitized before the media containing them are disposed of. Most of the recent attention in this area has been due to the Health Information Portability and Accountability Act (HIPAA), which -- among other things -- requires covered entities to implement procedures ensuring that private patient information can't be read off discarded media.
For most of us, the saving grace is that HIPAA only applies to healthcare providers or related businesses. However, the need to sanitize media before disposal or reuse is both real and pressing.
Even media being reused within the organization needs to be sanitized before it is put back into service. Putting a disk that still has another employee's files, correspondence, etc. into service in someone's machine can create all sorts of problems, even if the original user 'deleted' the files before giving up the disk.
All this is complicated by the shifting meaning of the word 'recoverable' in data sanitization. A modern computer system is designed to be amazingly resilient to data destruction, either accidental or deliberate. In addition to the built-in safeguards, fault-tolerant features in storage systems and the rest, there is a remarkable collection of tools now available to help skilled IT pros to recover information from a damaged disk. This is wonderful if you've got an accidentally damaged disk, but not so wonderful if you have a curious or malicious individual with one of those tools and one of your disks.
Of course, as anyone who's ever used a disk editor knows, those tools aren't infallible. Sanitizing a disk merely means working it over in some fashion so that such tools can't obtain information from it.
Here are a few tips to help you better sanitize and safeguard your company's storage resources:
- Establish a sanitizing policy. The most important thing you can do is to establish a sanitizing policy for all media either leaving the organization or being reused elsewhere. That includes making sure that disks are properly cleaned before they are swapped into service, that floppies are properly and thoroughly erased before reuse and that backup tapes are handled appropriately.
- Set reasonable sanitizing standards. "Reasonable" steps depend on circumstances. The U.S. Air Force procedures for sanitizing media (see related story) would be excessive for most businesses. Although storage administrators may need legal advice on specific kinds of data, the usual standard for media is to sanitize so that it is unreadable by normal recovery processes. In other words, someone with a standard disk recovery utility can't get data off the disk.
- Use the right tools. There are a number of utilities on the market that will render a hard disk unreadable by normal means. Among them are Maresware's DCLASFY and DataEraser from OnTrack. All of them work by overwriting the entire disk, usually several times, in a way designed to destroy all traces of preexisting information. Since sanitizing a disk is usually a trade-off between speed and security, some products have to be run more than once to achieve a given level of sanitization. Make sure you understand what needs to be done to achieve the needed protection.
- Dispose of media appropriately. Some media can't be sanitized except by destruction. Establish procedures to see that these items (CD-ROMs, etc.) are properly destroyed and that they are safeguarded from the time they are discarded until they are destroyed.
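The multi-pass overwrite described under "Use the right tools", with the read-back check a sanitizing procedure should finish with, as an added Python example (not code from the article or from the products it names). The function names, the pass order and the constructed sample image are assumptions; it targets an image file, and on flash or remapped sectors an overwrite issued through the operating system may not reach every physical copy.

```python
import os

CHUNK = 1024 * 1024  # process the target in 1 MiB blocks

def _blocks(size, fill):
    """Yield blocks totalling `size` bytes: one repeated byte, or random if fill is None."""
    while size > 0:
        n = min(CHUNK, size)
        yield os.urandom(n) if fill is None else bytes([fill]) * n
        size -= n

def overwrite_passes(path, fills=(None, 0xFF, 0x00)):
    """Overwrite every byte of `path` in place, once per entry in `fills`.

    `path` is an image file here; use on a raw device node is an assumption, not tested.
    Returns the number of bytes each pass covered.
    """
    with open(path, "r+b") as f:          # r+b: overwrite in place, no truncation
        size = f.seek(0, os.SEEK_END)
        for fill in fills:
            f.seek(0)
            for block in _blocks(size, fill):
                f.write(block)
            f.flush()
            os.fsync(f.fileno())          # force this pass out before the next starts
    return size

def verify_fill(path, fill):
    """Read the target back and confirm every byte equals the final fixed pattern."""
    with open(path, "rb") as f:
        while block := f.read(CHUNK):
            if block.count(fill) != len(block):
                return False
    return True

def make_sample_image(path, marker=b"CONFIDENTIAL payroll record"):
    """Constructed sample: a 2 MiB + 123 byte 'disk' with leftover data mid-image."""
    data = bytearray(os.urandom(2 * CHUNK + 123))
    data[CHUNK - 10:CHUNK - 10 + len(marker)] = marker   # straddles a block boundary
    with open(path, "wb") as f:
        f.write(data)
    return marker

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "disk.img")
        make_sample_image(img)
        print(overwrite_passes(img), "bytes per pass; verified:", verify_fill(img, 0x00))
```

Ending on a fixed pattern rather than random data is what makes the read-back check possible; a failed check means the target still needs another run or physical destruction.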
About the author: Rick Cook has been writing about mass storage since the days when the term meant an 80K floppy disk. The computers he learned on used ferrite cores and magnetic drums. For the last twenty years he has been a freelance writer specializing in storage and other computer issues.