[clug] securely wiping disks : secure destruction of data

[doug moncur]

Wiping disks takes time. Disks can also contain potentially valuable
information. Deciding how to wipe and what to wipe is a value
judgement.

For most purposes something like DBAN will give you a wipe to a
standard that will satisfy most auditors (it conforms to standards,
standards are good, auditors have to cover their backsides too), and
it has the added security of making sure that that credit card number
in a cached really has gone. Important, as you never know where your
disks end up. One time in Morrocco I saw a whole pile of second user
disks (some still with vendor stickers on them suggesting they came
from a large facility manager) on a market stall.

Occasionally, you (or your masters) want to be really certain the data
is gone. I once worked on a project where we engaged a company to
dispose of our hardware securely. This involved breaking down
machines, zeroing any static ram and having the disks cut in half by a
very large man with an even larger angle grinder. You then accompanied
said man to a very hot furnace where you watched him put the bits of
disk in the furnace and shut the door. That _was_  data disposal.

Wiping disks is about managing risk, not time

-Doug

-- 
LPO Box 8186, ANU, Acton ACT 0200, Australia
<e> dgm at acm.org :: <m> +61 4 3755 2545 :: <p> +61 2 6255 2545
<web> http://doug.moncur.googlepages.com/
<fax> faxes sent to +1 732 301 8861 will reach me