When told the old hard drive was being replaced--a hard drive that contained information about his clients--he was stunned to learn he wouldn't get it back. The retailer said it would destroy the drive so no one else could get access, but that didn't sit well with Wemhoff. It took a series of calls up the corporate chain of command to get the old drive returned. Best Buy said its policy in this case was to follow the manufacturer's warranty, which often calls for the old hard drive to be sent to the maker, even if it is loaded with personal information.This led me to send the following letter to the paper, commending the reporter on highlighting this problem and adding some thoughts of my own. I mentioned the grinding or "chipping" of hard drives that spy agencies do but it seems Georgia Tech is working on a less messy alternative: a powerful degausser, seen here (click photo for article).
This approach has a lot to recommend it. Using a less powerful degausser can require the hard drive platters to be removed from the casing. This requires a fair amount of effort (I just opened up a dead drive recently and brute force was involved). However, despite assurances that degaussing makes the data go away for good, I bet there will still be people in three-letter agencies who opt for physical destruction. It's just so, tangible, so very verifiable. Anyway, here's the letter that the Times-Union published today:
"Kudos to Times-Union reporter David Bauerlein for Friday's Metro article drawing attention to the security issues involved in hard drive repair and replacement. As a 25-year veteran of the computer security business I have to say this is one vulnerability that simply refuses to go away. It seems that each new generation of computer users has to learn the hard way (pun intended) that the convenience of hard drive storage comes at a price.
Businesses and individuals not only need to back up their hard drives on a regular basis to pre-empt data loss due to drive failure, they also need to take appropriate steps to keep that data under their control at all times. As your reporter correctly points out, a hard drive sent out for repair is not under your control. The same is true of hard drives on leased machines that are returned and older machines that are given away. Standard policy should be for all data to be stripped from hard drives before they are handed over to anyone else.
The steps you take to remove data from drives should be determined by the sensitivity of the data. A simple format of the drive is not enough to hide the remnants of the data from even a mildly curious hacker. Drives that have stored sensitive personal or business data should be wiped with a so-called scrubber or shredder program which over-writes each sector multiple times.
However, even that may not be enough to totally destroy the data. If the drive falls into the hands of a well-funded adversary, some data might still be recoverable. That's why America's spy agencies routinely grind their old hard drives into powder; not a huge price to pay when state secrets are at risk. Given the negative impact of a security breach on company profits, stock price, and reputation, it could prove to be a cost-effective course of action for many businesses as well. "