. This has become a huge issue for us, and is of the same magnitude as hospitals and power plants disposing of nuclear waste. It was a major embarassment here a few years ago, when Pam Zeckman, a reporter for a local TV station, fished an old PC out of a dumpster at the university, turned it on, and found hospital patient data. Several people got fired.
Under Illinois state law, we as a Stage Agency, have two alternatives: destroy beyond recognition and certify said destruction, or keep indefinitely. A third alternative is one that we are also using, which is to continue using stuff past its normal practical life. Such as over 100 old-type 9GB IBM SSA disk drives that I've arranged into RAID10 arrays so that failures won't lose data. Uses more electricity, sure, but it avoids the disposal cost. But that still does not address the issue of broken devices. A 4th alternative would seem to be secure erasure. DoD secure formatting (which must be done 7 times according to Illinois law) won't work on a broken device, and furthermore it is extremely costly in terms of labor. We have basically dismissed DoD formatting for either non-working or working devices. So far, we have mostly chosen the second alternative of warehousing the stuff, and now we have locked cabinets overflowing in the locked machine room full of failed storage devices - disks and tapes. We are scoping out a disk drive shredding machine. See http://www.machine-solution.com/products.asp?dept=194 - I'm looking forward to operating that thing! I bet its fun - nice and noisy! At one point we did take a box of failed media and took out our aggressions on them with a sledge hammer in a parking lot. However, tape does not yeild to a sledge hammer or punch press, because you could still retrieve whole sections of tape and read them. Tape has really got to be shredded or dissolved with acid. Strong magnetic fields could also be used, but you've got to measure and certify the strength of the magnetic field, and this is a procedure not without its own hazards to the operator, or to any equipment within a certain distance. I worry about a butter knife from the break room coming at me at 100MPH when I push the Erase button to degauss a tape. The hospital has been cool to the idea of letting us use their MRI machine. According to the auditors from the state in Springfield IL, when we destroy a media unit, we need to photocopy its label including the serial number, sign off that it was destroyed, have a second person sign as witness, and save that paperwork forever. They probably even want it notarized. I am not joking. Pam Zeckman from Channel 2 News is watching, and if I screw this up, I'll be unemployed. It's easier to stockpile them forever, like nuclear waste, and so that is what we are doing for now. Roger Deschner University of Illinois at Chicago [EMAIL PROTECTED] On Fri, 26 Jan 2007, Lamb, Charles P. wrote: > >How does your company handle the Disposition of Failed Storage Devices?? >After further discussions with my boss, we have many camps with >differing points of view. > >-----Original Message----- >From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] On Behalf Of >Kauffman, Tom >Sent: Friday, January 26, 2007 10:57 AM >To: [email protected] >Subject: Re: [ADSM-L] Disposition of Failed Storage Devices > >Given the security group's position, I think your options are >sledghammer or iron smelter. And you'll really need to put everything >you've got into the sledgehammer, if you go that route. A thermal lance >or oxygen cutting torch might also fill the requirements. > >I doubt you'll get anything in writing from either IBM or EMC that will >be satisfactory. You'll also need to get quotes from both on how much >the maintenance fees will increase if the failed media device is >rendered non-salvageable before return. > >Tom Kauffman >NIBCO, Inc > >-----Original Message----- >From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] On Behalf Of >Lamb, Charles P. >Sent: Friday, January 26, 2007 11:07 AM >To: [email protected] >Subject: Disposition of Failed Storage Devices > >Hi............ > >Our IT management is looking at implementing a process for disposition >of failed storage devices. We have a hardware contract with both IBM and >EMC. Our IT management is not sure that our data would be secured and >deleted correctly. > >Here is an excerpt from our security group. > >>From my perspective, what we have from IBM/EMC so far isn't sufficient. >My opinion is that in order for us to consider a vendor's approach >suitable- there needs to be more focus on data breach law compliance >support. For example, if we can confirm that their approach (or related >optional enhancements) is audited, secured, traceable, >employee/subcontractor vetting/background checking, and includes >appropriate notification of potential data breach, etc and that their >program is also periodically third party audited (& ideally court case >tested).. we're in a much better position. If/when they notify us of >loss, we also would need full cooperation in related investigation >efforts and confirming ultimate disposition. > >Your company's process would be appreciated. Thoughts?? Tnx's a bunch >for your input. >CONFIDENTIALITY NOTICE: This email and any attachments are for the >exclusive and confidential use of the intended recipient. If you are >not >the intended recipient, please do not read, distribute or take action in > >reliance upon this message. If you have received this in error, please >notify us immediately by return email and promptly delete this message >and its attachments from your computer system. We do not waive >attorney-client or work product privilege by the transmission of this >message. >
