Do You Know What Your Hard Drive Disposal Strategy Is?

We are coming to an end of our busy event season for the year and have been struck by how neglected the end-of-life hard drive retirement process is in most companies. Over the last month, we've attended InfoSec World, CACS (an ISACA event), the IAITAM ACE conference, GEOINTEL, and will be attending FOSE this week. We've talked to literally hundreds of IT professionals in the process and have found that the majority of them don't have a solid grip on their disposal strategy.

When we ask about what a company does with their retired drives, the most common answer is that "somebody else takes care of it." Out of sight, out of mind. What fun is an old overweight, balding, and slightly malfunctioning hard drive, right? By the time it reaches end of life I'd rather let someone else take care of it. That's exactly what the IT world by large is doing, and it represents a very serious data security risk.

Drives are being stored away in the "back room" for over a year before they're shipped off to a hopefully-responsible third party for sanitization, destruction, and disposal. The whole time they have potentially sensitive data on them just waiting to be compromised. It's very common for drives to even sit for 2 or 3 years before being processed.

Don't be complacent. Employees represents one of the largest data security risks.

So let's get the IT industry back on track. Let's push for a more responsible handling of our data. There's no reason drives shouldn't be securely and permanently sanitized within days of being retired. Our software will allow a technician to initiate a wipe remotely in under 5 minutes and drive info and wiping results are stored in a central database for tracking purposes. With available and affordable tools there's no excuse for sensitive data to remain on retired drives for more than a few days or even a few hours.

Don't pass the buck. Don't let data stay on your retired drives for years. Sanitizing on the front end covers a multitude of sins on the back end.