Return merchandise authorization, or RMA, is a process by which a merchant replaces, repairs, or issues a refund for a product while it is under warranty. With hard drives, this presents a particular challenge. Physical failures are hard to prevent and a drive may fail that you’ve stored gigabytes of data on. Sending the device to the merchant or vendor can expose sensitive information to 3rd parties. Therefore, your team needs to know how to sanitize a hard drive before the RMA process begins.
There’s no question about it. Your data is at risk of exposure during the RMA process. If the mechanical system on a refurbished hard drive is still working, there may still be recoverable files and data. This includes data in text or spreadsheet format.
The RMA process involves a few steps. To start, the customer usually speaks to a technical support agent, who asks several questions and concludes, based on the customer’s answers, whether the product is defective. If so, an RMA is issued. The RMA number must then be written on the box the product will be shipped in. All original boxes, manuals, and items must be included, or else the merchant can return it and charge a restocking fee to the customer.
When mailing the product, it’s highly recommended to work with a shipping company that tracks your package. You will be informed of its status every step of the way. This isn’t the only concern when you RMA a hard driveor SSD. It’s important to wipe a drive first, to ensure the RMA process is as safe as possible.
Encryption does not remove data. All your information remains on the drive. It can potentially be exposed as encryption and decryption technologies change in the future. These changes cannot be predicted and there may be unforeseen weaknesses in the encryption algorithm. The next technological advancement can give a hacker the tools to easily decode your encrypted data.
Whether a drive is sent out for repairs or it’s being refurbished for another customer, you must know how to sanitize a hard drive and SSD properly. It also helps to have tools that wipe data on devices and over entire networks. Also, with in-depth reporting, you can have insights into what was erased, by who and at which location.
WipeDrive provides Department of Defense level wiping of data. Used by corporations and government agencies, it erases HD, SSD, and NVMe drive data permanently and is certified to Common Criteria EAL 2+ security standard. It is also compliant with Sarbanes-Oxley, GDPR, Fiserv and HIPAA. You can re-use computers, donate hardware, and discard equipment without fear of data theft, as well as manage the RMA process more effectively.
WhiteCanyon Software provides several solutions to wipe a drive. Call us at 801.224.8900 to learn more.