I "cleanse" drives for a living (about 3,000+ per year). I am
responsible for cleansing drives for disposal, donation, employee sales,
and inter/intra department transfers. The best way I have found to
cleanse any drive is with "wiping" software per DOD specs. The software
I use is WipeDrive 3.0 by www.accessdata.com. This software is on a
bootable floppy and you can also write a batch file and use switches to
automate the process. Corporate licensing can be costly though...
If I do get an apple machine I remove the drive and place it in a IBM
compatible. I also have SCSI cards in this machine to accommodate the
older macs. I have 50 pin to Ultra Wide 2 etc to cover the Sun
Microsystems units. Depending on the size of the drive 1GB - 60GB the
process can take anywhere from 30 mins up to a couple of hours. I have
a work bench with an 8 port KVM setup for this purpose, so they can run
untouched for hours if needed...several at a time.
This method is very time consuming, but well worth the effort and time
when it comes to our data security needs. We are a medical center and
thus our PC's contain patient data, research data, etc. We must conform
to HIPAA regulations! This method is pretty much fool proof if you are
willing to devote the resources. I guess it really boils down to a Risk
Management issue. How important is your data? What risk are you taking
by using an untested/unsecured method for data destruction? In our case
the cost associated with this method is irrelevant considering the
alternative risk...
How this helps...
Daniel
-----Original Message-----
From: Frank Knobbe [mailto:frank (at) knobbe (dot) us [email concealed]]
Sent: Monday, March 21, 2005 5:28 PM
To: Christopher Blume
Cc: forensics (at) securityfocus (dot) com [email concealed]
Subject: Re: Macintosh wiping (but why)
On Thu, 2005-03-17 at 14:58 -0500, Christopher Blume wrote:
> Not that I'm a hard drive expert or anything -- but I wonder why would
> question the degausser's ability to work on hard drives of a certain
> modernity or capacity.
> I have no idea about the assurance these things come with regarding
> data security -- but we did use them to wipe drives a few years back
> at a college -- not for disposal, just to clean the machine out for
> another department.
Was the other department able to use the drive? How did you recreate the
servo tracks on the drive? Was there some kind of sub-low-level format
available that recreate the servo tracks?
Also, did you degauss with the protective hard drive casing on? Or did
you open the drive up and degauss the platters?
I'm under the impression that degaussing is useful to destroy not only
the data, but also the drive (especially modern drives. Older, dare I
say ancient, drives may withstand the rigors of low-level scrubs due to
absence of servo/sync tracks). Looks like good for disposal. But I'm not
sure if degaussers are the way to wipe drives for re-use...
Has someone here degaussed and successfully re-used a drive?
Regards,
Frank
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
responsible for cleansing drives for disposal, donation, employee sales,
and inter/intra department transfers. The best way I have found to
cleanse any drive is with "wiping" software per DOD specs. The software
I use is WipeDrive 3.0 by www.accessdata.com. This software is on a
bootable floppy and you can also write a batch file and use switches to
automate the process. Corporate licensing can be costly though...
If I do get an apple machine I remove the drive and place it in a IBM
compatible. I also have SCSI cards in this machine to accommodate the
older macs. I have 50 pin to Ultra Wide 2 etc to cover the Sun
Microsystems units. Depending on the size of the drive 1GB - 60GB the
process can take anywhere from 30 mins up to a couple of hours. I have
a work bench with an 8 port KVM setup for this purpose, so they can run
untouched for hours if needed...several at a time.
This method is very time consuming, but well worth the effort and time
when it comes to our data security needs. We are a medical center and
thus our PC's contain patient data, research data, etc. We must conform
to HIPAA regulations! This method is pretty much fool proof if you are
willing to devote the resources. I guess it really boils down to a Risk
Management issue. How important is your data? What risk are you taking
by using an untested/unsecured method for data destruction? In our case
the cost associated with this method is irrelevant considering the
alternative risk...
How this helps...
Daniel
-----Original Message-----
From: Frank Knobbe [mailto:frank (at) knobbe (dot) us [email concealed]]
Sent: Monday, March 21, 2005 5:28 PM
To: Christopher Blume
Cc: forensics (at) securityfocus (dot) com [email concealed]
Subject: Re: Macintosh wiping (but why)
On Thu, 2005-03-17 at 14:58 -0500, Christopher Blume wrote:
> Not that I'm a hard drive expert or anything -- but I wonder why would
> question the degausser's ability to work on hard drives of a certain
> modernity or capacity.
> I have no idea about the assurance these things come with regarding
> data security -- but we did use them to wipe drives a few years back
> at a college -- not for disposal, just to clean the machine out for
> another department.
Was the other department able to use the drive? How did you recreate the
servo tracks on the drive? Was there some kind of sub-low-level format
available that recreate the servo tracks?
Also, did you degauss with the protective hard drive casing on? Or did
you open the drive up and degauss the platters?
I'm under the impression that degaussing is useful to destroy not only
the data, but also the drive (especially modern drives. Older, dare I
say ancient, drives may withstand the rigors of low-level scrubs due to
absence of servo/sync tracks). Looks like good for disposal. But I'm not
sure if degaussers are the way to wipe drives for re-use...
Has someone here degaussed and successfully re-used a drive?
Regards,
Frank
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]