We are constantly reminded of the importance of recycling. In the ICT industry, recycling of computer equipment can be useful for educational or charitable organisations. It can however be detrimental to the previous owner. Charitable establishments such as Computer Aid International will refurbish computers for reuse in various sectors including education, health and other non-profit organisations for the benefit of developing countries. It would appear Computer Aid International ‘wipe’ each hard disk drive, which is good news as it hopefully provides some certainty that data cannot be retrieved.
However, it is doubtful that the ‘average’ user realises the risks involved by selling their old computer on websites such as eBay. They may delete all their files, re-install the operating system (OS) and possibly format their drive, yet the data will probably reside on the disk, typically in unallocated space. Data fragments may be present that could be used maliciously in the hands of a criminal; indeed data from any source i.e. any electronic device could be used maliciously. Discarding computer equipment without due care could lead to irreparable, financial, political and personal damage to the owner or organisation.
A recent study conducted by Glamorgan University (source: Time Online website) revealed more than 50% of the 111 hard drives purchased contained personal and confidential information. Over 87% of those drives were bought from eBay. This, I feel, raises an international concern. The fundamental concept of eBay and other online auctioneer sites is bringing sellers and individuals together to trade online, creating a world wide market place. Whilst this is beneficial for the legitimate user, we do however risk handing over our personal data to terrorists, corrupt organisations and paedophiles, not to mention the risk of being blackmailed or threatened.
Therefore, the question is – what is the best method of wiping data from our hard drives and protecting ourselves against these threats? With due consideration to economic, data confidentiality and environmental factors I shall discuss the various options available to the public and private sectors.
What are the software options?
Generally, you could choose to either physically destroy the hardware or use either software or hardware to delete the data. There are many software products offering data destruction and typically software vendors ‘guarantee’ to destroy your data. Yet, is this enough? This approach relies on the user correctly installing the software and carrying out the correct procedure. In most instances a computer will only have one hard disk; yet to execute such a program (and to get the desired ‘100%’ destruction result) usually requires an operating system to be present. In other words, you need another hard drive to run the software so that data can be deleted off the unwanted drive. Alternatives may include bootable programs such as DBAN (Darik's Boot and Nuke) that claims to “delete the contents of any hard disk it detects”. Other software options include: AccessData – WipeDrive, Acronis - Drive Cleanser, CyberScrub - CyberCide and VCOM – SecureErase. These represent just a small handful of the applications available.
The software approach may incur costs; however some applications are probably free on the internet. The disadvantage I feel for a software based approach is the time consumption. Generally speaking ‘shredders’ will write data onto each of the drive’s sectors. The type of data depends on the application; however, this may include characters or numerals. The process, assuming numerals, is known as ‘binary flipping’. Basically a binary number, for example 11110000 is written to each sector then the ‘flip side’, or compliment as it is known, is written. In this instance this would be 00001111.
According to research, the United States Department of Defence considers this approach, with adequate executions and particular algorithms used, to be acceptable in destroying non critical data. However, they suggest executions up to 32 times to class a disk ‘sanitised’. We therefore must consider the complications and factors of such extremes. To sanitise a drive 32 times will take copious amounts of time, therefore wasting electricity, time and obviously human and computer resources. This process could take days if not weeks if there were hundreds of disks.
What are the hardware options?
The DiskMaster is an excellent example of how data can be destroyed using a hardware approach. It is fast, efficient and you can set a predefined pattern that should be written to the disk. The DiskMaster is able to wipe drives to Department of Defence standards.
However, again with this approach much time is required to wipe a drive. The concept of a hard disk drive has evolved since the 1950’s where data from 5MB (Mega Byte) could be stored. Now we are in an era where 750GB (Giga Bytes) can be stored on one single disk. This inevitably means to destroy a disk, using either software or hardware based approaches will increase in time, cost and subsequently your patience.
Are there any other options?
I believe that physical destruction is the quickest and simplest approach. By removing the top plate of a hard disk drive, you limit the chances of recovering the data due to dust and other contaminants affecting the drives platters (where your data is stored). Physically scoring lines or drilling holes into the platter will hopefully destroy the data beyond any reasonable doubt.
The concept of shredding paper to deter criminals using printed material such as bank statements or bills for identity theft and forgery has now been taken to the next level. Available now is an industrial tape and hard disk shredder. If you search within Google “GSA Industrial Tape and Hard Drive Destroyer 380/500” you will witness the future when it comes to data destruction.
This powerful machine, whilst not commercially viable for the home user, would suit any large company where data destruction was crucial to their intellectual electronic property. Using this machine would render data retrieval practically impossible. I cannot imagine a point in the future where we would be able to reconstruct the data from shredded material.
Obviously this method would mean a user couldn’t resell their hard drive. However as the cost of hard disk drives decrease year in year out, is the cost of another hard drive really an issue?
To summarise, the benefit using the software or hardware approach would be: reusability and the chance to recoup some money. The disadvantages would include the ‘risk’ involved by relying on software or hardware to completely destroy your data. Another disadvantage would be the time consumption and costs involved, including electricity and human resources.
The main advantage of using a hard disk shredder is that complete 100% destruction can be witnessed. The destruction can take as little as 30 seconds. The main disadvantage is that such machines are currently not widely available. As the disks cannot be reused it is not an environmentally friendly approach. The last disadvantage is that the costs involved outweigh those of a software approach.
My conclusion to this article would be if you are desperately worried about the data on magnetic media falling into the wrong hands, then look at the options to physically destroy that media.
Sunday, January 21, 2007
Managing Backup And Recovery Services
Iceland Seafood International (ISI) has numerous offices located in ten countries and sells seafood products to UK retailers, and in order for the headquarters in Iceland to manage the business on a global scale, it is important that the data generated in all of its satellite offices is protected. ISI was previously using a tape-based backup service, which was not efficient or effective in its subsidiary office locations in the United Kingdom and Germany. The tape-based backup was "just about" manageable in the Iceland offices, but it was proving difficult to manage the tape backups on an international scale: The tapes weren't being changed at the stipulated times, it was difficult to recover data from tapes located all over the world and there was the additional concern of tapes potentially going missing.
SecurStore Remote Backup Service used all its knowledge and experience to bring the most effective and efficient solution to ISI by using Asigra Televaulting. ISI's multi-office corporate structure demanded a backup/restore service that respected remote data and ensured that it is protected to the same level as corporate data. ISI turned to SecurStore to eliminate these problems with their agentless distributed backup software service, which does not require tapes and allows a company with geographically dispersed offices to back up and recover data from a single location. Data protection is assured as encrypted data is backed up via disk over the WAN and stored offsite. SecurStore's high-calibre services guaranteed ISI successful and fast retrieval of any data they require from any office location around the globe.
"Within minutes of starting the test phase of the SecurStore Remote Backup Service we realised the benefits distributed backup and recovery would provide us with, not just from a cost perspective, but also from a global business continuity perspective," said Runar Bjarnthorsson, IT Manager of Iceland Seafood International."We chose SecurStore because their service eliminates the possibility of human error and allows us to protect our entire company's data from every global office location, which can all be managed from our headquarters in Iceland," continued Bjarnthorsson. "We saw very quickly from initial tests how much cost we could save with agentless software by paying for the amount of data stored and not for each machine that is backed up.”
SecurStore Remote Backup Service, provides ISI with an agentless backup/recovery environment for the entire organisation, including information residing on desktops, laptops and servers. This allows ISI to protect every system on the network without the hassle of agent-based license fees, agent installation, agent-induced performance loss and annual agent upgrades. Whenever a new PC is added to the ISI network, there is no need for a backup agent to be installed, which is a complex and costly burden. ISI only pays for the total amount of compressed data stored.
SecurStore Remote Backup Service used all its knowledge and experience to bring the most effective and efficient solution to ISI by using Asigra Televaulting. ISI's multi-office corporate structure demanded a backup/restore service that respected remote data and ensured that it is protected to the same level as corporate data. ISI turned to SecurStore to eliminate these problems with their agentless distributed backup software service, which does not require tapes and allows a company with geographically dispersed offices to back up and recover data from a single location. Data protection is assured as encrypted data is backed up via disk over the WAN and stored offsite. SecurStore's high-calibre services guaranteed ISI successful and fast retrieval of any data they require from any office location around the globe.
"Within minutes of starting the test phase of the SecurStore Remote Backup Service we realised the benefits distributed backup and recovery would provide us with, not just from a cost perspective, but also from a global business continuity perspective," said Runar Bjarnthorsson, IT Manager of Iceland Seafood International."We chose SecurStore because their service eliminates the possibility of human error and allows us to protect our entire company's data from every global office location, which can all be managed from our headquarters in Iceland," continued Bjarnthorsson. "We saw very quickly from initial tests how much cost we could save with agentless software by paying for the amount of data stored and not for each machine that is backed up.”
SecurStore Remote Backup Service, provides ISI with an agentless backup/recovery environment for the entire organisation, including information residing on desktops, laptops and servers. This allows ISI to protect every system on the network without the hassle of agent-based license fees, agent installation, agent-induced performance loss and annual agent upgrades. Whenever a new PC is added to the ISI network, there is no need for a backup agent to be installed, which is a complex and costly burden. ISI only pays for the total amount of compressed data stored.
The 5 Most Common Reasons Why People Believe They Won't Need Data Recovery
Most people don't realize how important their data is until it is lost. Hard drive data recovery is needed for a variety of reasons, all of which are often ignored until it is too late. And in most cases, some people have had opportunities to protect their files from data loss and corruption, but may have thought one of these 5 common beliefs about their data and why they won't need to find a hard drive data recovery company.
"My hard drive is brand new, so my data is safe" Have you ever bought a new toaster, coffee maker, DVD player, or even the most popular toy for your child only to have to return it or exchange it because there were problems with it? Then as you drive back to the store where it was purchased, you wonder how something you just purchased brand new could break so fast. Things break, brand new or old, that is why there are warranties! Regardless, a hard drive is no different. Each comes with a manufacturer's warranty for the hard drive, but not the data. A data loss is your problem, not theirs.
So when your hard drive fails and you are left looking at a blank screen, a variety of error messages, or hear a loud clicking noise from the hard drive, you sit and slowly realize that your world is about to change. Your belief that the data on your new hard drive is safe from data corruption or mechanical hard drive failure erodes, and the panic begins to set in.
"We backup our data to a spare hard drive (or other media)"
It is always a good habit to backup your data. In fact, kudos to you if you do! Now, that you have patted yourself on the back for your fantastic disaster planning, do you recall when you last tested your backup? When was the last backup restored to verify the data, test the backup media, and confirm that the data stored is still relevant to your business?
This is often where problems arise. While it is great that a disaster recovery plan in place, is a backup from 1 month ago really of value? 1 year ago? 3 days ago? Loosing a few days or months of data from a home user's point of view may not be such a big deal...as long as they have their important docs, pictures and MP3s.
However, depending on your business, several lost days of data can devastate a company. For the business community, a day of data loss can cost the company thousands of dollars and worst yet, customers.
"I run a RAID server, and because of that, my data is safe"
RAIDs are configured with multiple hard drives, at least 2, and the belief most people have is that their data is safe from data loss and they won't ever need data recovery since they use a RAID server. In most cases that is true. However, when multiple hard drives fail, the risk of data loss increases. When a single hard drive in a RAID array fails, it can be replaced and the RAID can attempt to be rebuilt. When multiple hard drives fail, the rebuild process can possibly still be done, however there is a higher risk of data loss if the rebuild process fails.
If hard drives are moved around to different positions in the RAID, new hard drives added, and the swapping of good and defective hard drives are done, the risk of overwriting the RAID stripe and destroying that information reduces the chances of recovering data from that RAID. The safest way to ensure that your hard drive data is recoverable when your RAID looses a hard drive and becomes unhealthy is to seek out a data recovery company who are RAID recovery specialists. The more you (or your IT staff) attempt to repair and rebuild, the less of a chance that the data will ever be recovered.
"I don't surf 'questionable' websites, so I won't catch any viruses"
Of course you don't. Nobody visits 'questionable' websites. Those websites all just are out there, with nobody visiting them at all. From the adult websites, free software websites, music websites, and every other website created by people that my have alterior motives and want to get at your data...any computer attached to the Internet is at risk for data intrusion and corruption.
Most businesses and home users have varying degrees of network security for their computers, which protect their data from most hard drive corruption, such as viruses. However, with with e-mail, instant messaging, file attachments and other such things shared by employees and friends, the risk to accidentally infect a hard drive with a virus increases.
Make sure you run some sort of anti-virus software and if possible a fire wall to protect yourself and your data from corruption. These two simple suggestions can save you hundreds of dollars in hard drive recovery.
"I definitely learned to expect the unexpected"
Life has a funny way of getting at you when you least expect it. Weather is the least planned for with regards to data loss, and for good reason. Mother nature like to keep us on our toes! She floods homes and businesses with water and causes major water damage, she throws lightning from the heavens which cause power surges and wrecks havoc on electronics, she waves tornados and hurricanes toward companies and consumers and send them scattering for safety, and she also scorches the earth with fire burning offices and homes and charring computers, servers and laptops.
Mother nature can also be kind and provide a beautiful day of warm sunshine. Allowing you to relax by the pool with your laptop, drinking some iced tea and getting some work done remotely...until somebody jumps into the pool and drenches your laptop with a wave of pool water. You can do everything to protect your data, but at some point, there will be a need for data recovery. It could be something due to a mechanical hard drive failure, file system corruption, or something as simple as 'my kid poured water on my laptop'.
There are a lot of things that can go wrong and nobody and plan for all of them. But, when given the opportunity to protect your data from data loss, take the extra time to evaluate the value of the data on your hard drive and weigh it against the time it would take to rebuild it and how it would affect you if you were to lose it permanently.
If your hard drive is experiencing problems, your safest option is to turn the computer off. Continued use may damage the hard drive and make your data unrecoverable. You should then make a note of what happened and consider contacting a company that specializes in data recovery.
"My hard drive is brand new, so my data is safe" Have you ever bought a new toaster, coffee maker, DVD player, or even the most popular toy for your child only to have to return it or exchange it because there were problems with it? Then as you drive back to the store where it was purchased, you wonder how something you just purchased brand new could break so fast. Things break, brand new or old, that is why there are warranties! Regardless, a hard drive is no different. Each comes with a manufacturer's warranty for the hard drive, but not the data. A data loss is your problem, not theirs.
So when your hard drive fails and you are left looking at a blank screen, a variety of error messages, or hear a loud clicking noise from the hard drive, you sit and slowly realize that your world is about to change. Your belief that the data on your new hard drive is safe from data corruption or mechanical hard drive failure erodes, and the panic begins to set in.
"We backup our data to a spare hard drive (or other media)"
It is always a good habit to backup your data. In fact, kudos to you if you do! Now, that you have patted yourself on the back for your fantastic disaster planning, do you recall when you last tested your backup? When was the last backup restored to verify the data, test the backup media, and confirm that the data stored is still relevant to your business?
This is often where problems arise. While it is great that a disaster recovery plan in place, is a backup from 1 month ago really of value? 1 year ago? 3 days ago? Loosing a few days or months of data from a home user's point of view may not be such a big deal...as long as they have their important docs, pictures and MP3s.
However, depending on your business, several lost days of data can devastate a company. For the business community, a day of data loss can cost the company thousands of dollars and worst yet, customers.
"I run a RAID server, and because of that, my data is safe"
RAIDs are configured with multiple hard drives, at least 2, and the belief most people have is that their data is safe from data loss and they won't ever need data recovery since they use a RAID server. In most cases that is true. However, when multiple hard drives fail, the risk of data loss increases. When a single hard drive in a RAID array fails, it can be replaced and the RAID can attempt to be rebuilt. When multiple hard drives fail, the rebuild process can possibly still be done, however there is a higher risk of data loss if the rebuild process fails.
If hard drives are moved around to different positions in the RAID, new hard drives added, and the swapping of good and defective hard drives are done, the risk of overwriting the RAID stripe and destroying that information reduces the chances of recovering data from that RAID. The safest way to ensure that your hard drive data is recoverable when your RAID looses a hard drive and becomes unhealthy is to seek out a data recovery company who are RAID recovery specialists. The more you (or your IT staff) attempt to repair and rebuild, the less of a chance that the data will ever be recovered.
"I don't surf 'questionable' websites, so I won't catch any viruses"
Of course you don't. Nobody visits 'questionable' websites. Those websites all just are out there, with nobody visiting them at all. From the adult websites, free software websites, music websites, and every other website created by people that my have alterior motives and want to get at your data...any computer attached to the Internet is at risk for data intrusion and corruption.
Most businesses and home users have varying degrees of network security for their computers, which protect their data from most hard drive corruption, such as viruses. However, with with e-mail, instant messaging, file attachments and other such things shared by employees and friends, the risk to accidentally infect a hard drive with a virus increases.
Make sure you run some sort of anti-virus software and if possible a fire wall to protect yourself and your data from corruption. These two simple suggestions can save you hundreds of dollars in hard drive recovery.
"I definitely learned to expect the unexpected"
Life has a funny way of getting at you when you least expect it. Weather is the least planned for with regards to data loss, and for good reason. Mother nature like to keep us on our toes! She floods homes and businesses with water and causes major water damage, she throws lightning from the heavens which cause power surges and wrecks havoc on electronics, she waves tornados and hurricanes toward companies and consumers and send them scattering for safety, and she also scorches the earth with fire burning offices and homes and charring computers, servers and laptops.
Mother nature can also be kind and provide a beautiful day of warm sunshine. Allowing you to relax by the pool with your laptop, drinking some iced tea and getting some work done remotely...until somebody jumps into the pool and drenches your laptop with a wave of pool water. You can do everything to protect your data, but at some point, there will be a need for data recovery. It could be something due to a mechanical hard drive failure, file system corruption, or something as simple as 'my kid poured water on my laptop'.
There are a lot of things that can go wrong and nobody and plan for all of them. But, when given the opportunity to protect your data from data loss, take the extra time to evaluate the value of the data on your hard drive and weigh it against the time it would take to rebuild it and how it would affect you if you were to lose it permanently.
If your hard drive is experiencing problems, your safest option is to turn the computer off. Continued use may damage the hard drive and make your data unrecoverable. You should then make a note of what happened and consider contacting a company that specializes in data recovery.
Subscribe to:
Posts (Atom)
Posts
