Each year as our busy event season comes to an end we are struck by how neglected the end-of-life hard drive retirement process is in most companies. We've talked to hundreds of IT professionals over the years and have found that the majority of them don't have a solid grip on their organization's disposal strategy.
When we ask about what a company does with their retired drives, the most common answer is that "somebody else takes care of it." Out of sight, out of mind. What fun is an old overweight, balding, and slightly malfunctioning hard drive, right? By the time it reaches end of life I'd rather let someone else take care of it. That's exactly what the IT world by large is doing, and it represents a very serious data security risk.
Drives are being stored away in the "back room" for over a year before they're shipped off to a hopefully-responsible third party for sanitization, destruction, and disposal. The whole time they have potentially sensitive data on them just waiting to be compromised. It's very common for drives to even sit for 2 or 3 years before being processed.
Don't be complacent. Employees represents one of the largest data security risks.
So let's get the IT industry back on track. Let's push for a more responsible handling of our data. There's no reason drives shouldn't be securely and permanently sanitized within days of being retired. Our software will allow a technician to initiate a wipe remotely in under 5 minutes and drive info and wiping results are stored in a central database for tracking purposes. With available and affordable tools there's no excuse for sensitive data to remain on retired drives for more than a few days or even a few hours.
Don't pass the buck. Don't let data stay on your retired drives for years. Sanitizing on the front end covers a multitude of sins on the back end.