In October 2019, Blancco, an international data security company, released an article discussing various end-of-life data destruction methods and comparing drive destruction to data erasure. While we agree with some of what was written, we’d like to clarify a few things.
In the article, Blancco recommends weighing the level of impact certain end-of-life data can have in the case of a data breach combined with how quickly the data may age out. They then suggested basing the method of sanitization off of that assessment. We want to stress that there should never be an assessment of this nature when handling sensitive, confidential or personally identifiable information (PII). It is always best practise to treat all end-of-life data as never aging out and having a potentially high level of harm if breached as both can be impossible to predetermine. Remember, there is no statute of limitations for a data breach, meaning that an end-of-life drive can cause a breach years after it was discarded.
Have Drive Destruction - Practises to Avoid
While some companies argue that drives should be reused as a more economical option, we disagree. By reusing drives, a company risks that leftover unencrypted or encrypted data getting into the wrong hands. Companies should future-proof their end-of-life data destruction procedures to ensure the prevention of future data breaches. This will not only save them time and money in the long run but prevents any damages to their customer base and reputation. (It’s better to be safe now than sorry in the long run!)
Blancco also notes that using a third-party vendor to sanitize and destroy end-of-life data and devices is an option. Morgan Stanley recently came under fire for the alleged data breach of their client’s financial information after an ITAD (IT asset disposition) vendor misplaced various computer equipment storing customers’ personally identifiable information (PII). Even though Blancco suggests carefully researching and vetting the vendors to ensure they are properly destroying your devices, introducing a third party significantly increases the chain of custody. Companies face a far higher risk of data breach every step of the way when opting for this route.
While there are some reputable data sanitization vendors out there, it can be far too easy for ITAD vendors to misuse, mishandle and misplace drives when in transportation and the actual acts of destruction and disposal. There have even been reports of some vendors selling end-of-life devices and their sensitive information to online third parties.
"A typical data destruction misconception is that erasing or overwriting a drive and degaussing are synonymous"
We suggest eliminating ITADs altogether if they’re part of your device destruction procedure simply because the security risks can be unpredictable and potentially catastrophic. Instead, we recommend purchasing one of our NSA-listed devices, keeping the chain of custody within the company, and conducting all destruction in-house. You can read more of our thoughts on Morgan Stanley’s data breach here.
A typical data destruction misconception is that erasing or overwriting a drive and degaussing are synonymous. Unfortunately, that kind of thinking can quickly become dangerous depending on the information you are looking to destroy.
While methods such as cryptographic and data erasure would allow the drive to be used again, as Blancco suggests, you run the high risk of leaving behind sensitive data that can become a gold mine for hackers and thieves.
Best Practices to Follow
While degaussing is not possible for destroying end-of-life data on solid-state drives (SSDs), SEM always recommends following NSA standards and degaussing all magnetic media, including hard disk drives (HDDs), before destruction. Solid-state drives (SSDs) and optical media do not require it as part of the destruction process, but crushing and/or shredding is recommended. By degaussing HDDs, companies are choosing the most secure data sanitization method per NSA guidelines as this is the only way companies can be sure that their data has been properly destroyed. When magnetic media is degaussed, the machines use powerful magnetic fields to sanitize the magnetic tapes and drive, wiping all sensitive information from the device. This act renders the drive completely inoperable, which should always be the goal.
Once the device has been degaussed, it should be physically destroyed. The combination of degaussing and physical destruction for HDDs is without a doubt the most secure method of ensuring your end-of-life data stays at the end of its life. Not even the most skilled of hackers will be able to get any information off of the drive, simply because there’s nothing left on it to hack!
Regardless of the catalyst for end-of-life drive destruction, it is always best practice to conduct destruction and degaussing in-house. It is also important to remember that a data breach is a data breach, no matter the level of impact. Blancco writes that “not all degaussing machines are adequate to the task of demagnetizing all HDDs.” They’re right.
At SEM, we have an array of various high-quality NSA listed/CUI and unclassified magnetic media degaussers, IT crushers, and enterprise IT shredders to meet any regulation. In addition, any one of our exceptional sales team members is more than happy to help answer any questions you may have and help determine which machine will best meet your company or federally regulated destruction needs.